CVE-2020-14523
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
11/02/2022
Last modified:
01/03/2022
Description
Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:* | 1.010l (including) | |
| cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:* | 1.22y (including) | |
| cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:* | 1.595v (including) | |
| cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* | 1.063r (including) | |
| cpe:2.3:a:mitsubishielectric:iu_configuration_tool:*:*:*:*:*:*:*:* | 1.04 (including) | |
| cpe:2.3:a:mitsubishielectric:iu_developer2:*:*:*:*:*:*:*:* | 1.08 (including) | |
| cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:*:*:*:*:*:*:*:* | 1.17t (including) | |
| cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:* | 2.70y (including) | |
| cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:* | 1.110q (including) | |
| cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:* | 1.156n (including) | |
| cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:* | 4.20w (including) | |
| cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:* | 1.70y (including) | |
| cpe:2.3:o:mitsubishielectric:rd78g4_firmware:*:*:*:*:*:*:*:* | 10 (including) | |
| cpe:2.3:h:mitsubishielectric:rd78g4:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page