Gt_softgot2000 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Gt_softgot2000
(Mitsubishielectric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	9

Date	Id	Summary	Products	Score	Patch	Annotated
2021-08-05	CVE-2021-20592	Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated attacker to cause DoS condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly connecting and...	Got2000_gt23_firmware, Got2000_gt25_firmware, Got2000_gt27_firmware, Gt_softgot2000	7.5
2022-02-11	CVE-2020-14521	Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.	C_controller_interface_module_utility, C_controller_module_setting_and_monitoring_tool, Cc\-Link_ie_control_network_data_collector, Cc\-Link_ie_field_network_data_collector, Cc\-Link_ie_tsn_data_collector, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Gt_designer2_classic, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, M_commdtm\-Io\-Link, Melfa\-Works, Melsec_wincpu_setting_utility, Melsoft_complete_clean_up_tool, Melsoft_em_software_development_kit, Melsoft_iq_appportal, Melsoft_navigator, Mi_configurator, Motion_control_setting, Motorizer, Mr_configurator2, Mt_works2, Mtconnect_data_collector, Mx_component, Mx_mesinterface, Mx_mesinterface\-R, Mx_sheet, Network_interface_board_cc\-Link_ver\.2_utility_firmware, Network_interface_board_cc_ie_control_utility_firmware, Network_interface_board_cc_ie_field_utility_firmware, Network_interface_board_mneth_utility_firmware, Position_board_utility_2, Px_developer, Rt_toolbox2, Rt_toolbox3, Setting\/monitoring_tools_for_the_c_controller_module, Slmp_data_collector	9.8
2021-02-19	CVE-2021-20588	Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering Software(CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000)...	C_controller_module_setting_and_monitoring_tool, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Ezsocket, Fr_configurator, Fr_configurator2, Fr_configurator_sw3, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_configurator\-Dp, Gx_configurator\-Qp, Gx_developer, Gx_explorer, Gx_iec_developer, Gx_logviewer, Gx_remoteservice\-I, Gx_works2, Gx_works3, Iq_monozukuri_andon, Iq_monozukuri_process_remote_monitoring, M_commdtm\-Hart, M_commdtm\-Io\-Link, Melfa\-Works, Melsec_wincpu_setting_utility, Melsoft_em_software_development_kit, Melsoft_navigator, Mh11_settingtool_version2, Mi_configurator, Mt_works2, Mx_component, Network_interface_board_cc\-Link, Network_interface_board_cc_ie_control_utility, Network_interface_board_cc_ie_field_utility, Network_interface_board_mneth_utility, Px_developer, Rt_toolbox2, Rt_toolbox3, Setting\/monitoring_tools_for_the_c_controller_module, Slmp_data_collector	9.8
2023-08-04	CVE-2023-0525	Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions 01.49.000 and prior, GS21 model versions 01.49.000 and prior, GT Designer3 Version1 (GOT2000) versions 1.295H and prior and GT SoftGOT2000 versions 1.295H and prior allows a remote unauthenticated...	Gs21_firmware, Gs25_firmware, Gt21_firmware, Gt23_firmware, Gt25_firmware, Gt27_firmware, Gt_designer3, Gt_softgot2000	7.5
2023-02-02	CVE-2022-40268	Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to lead legitimate users to perform unintended operations through clickjacking.	Gt25_firmware, Gt27_firmware, Gt_softgot2000	4.7
2023-02-02	CVE-2022-40269	Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to disclose sensitive information from users' browsers or spoof legitimate users by abusing inappropriate HTML attributes.	Gt25_firmware, Gt27_firmware, Gt_softgot2000	8.1
2021-02-19	CVE-2021-20587	Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT...	C_controller_module_setting_and_monitoring_tool, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Ezsocket, Fr_configurator, Fr_configurator2, Fr_configurator_sw3, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_configurator\-Dp, Gx_configurator\-Qp, Gx_developer, Gx_explorer, Gx_iec_developer, Gx_logviewer, Gx_remoteservice\-I, Gx_works2, Gx_works3, Iq_monozukuri_andon, Iq_monozukuri_process_remote_monitoring, M_commdtm\-Hart, M_commdtm\-Io\-Link, Melfa\-Works, Melsec_wincpu_setting_utility, Melsoft_em_software_development_kit, Melsoft_navigator, Mh11_settingtool_version2, Mi_configurator, Mt_works2, Mx_component, Network_interface_board_cc\-Link, Network_interface_board_cc_ie_control_utility, Network_interface_board_cc_ie_field_utility, Network_interface_board_mneth_utility, Px_developer, Rt_toolbox2, Rt_toolbox3, Setting\/monitoring_tools_for_the_c_controller_module, Slmp_data_collector	9.8
2022-05-19	CVE-2020-14496	Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.	Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Em_configurator, Ezsocket, Fr_configurator2, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_logviewer, Gx_works2, Gx_works3, M_commdtm\-Hart, M_commdtm\-Io\-Link, Melfa\-Works, Melsoft_fielddeviceconfigurator, Melsoft_navigator, Mh11_settingtool_version2, Motorizer, Mr_configurator2, Mt_works2, Mx_component, Network_interface_board_cc\-Link_ver\.2_utility, Network_interface_board_cc_ie_control_utility, Network_interface_board_cc_ie_field_utility, Network_interface_board_mneth_utility, Px_developer, Rt_toolbox2, Rt_toolbox3	9.8
2021-11-23	CVE-2021-20601	Improper input validation vulnerability in GOT2000 series GT27 model all versions, GOT2000 series GT25 model all versions, GOT2000 series GT23 model all versions, GOT2000 series GT21 model all versions, GOT SIMPLE series GS21 model all versions, and GT SoftGOT2000 all versions allows an remote unauthenticated attacker to write a value that exceeds the configured input range limit by sending a malicious packet to rewrite the device value. As a result, the system operation may be affected,...	Got2000_gt2103\-Pmbd_firmware, Got2000_gt2103\-Pmbds2_firmware, Got2000_gt2103\-Pmbds_firmware, Got2000_gt2103\-Pmbls_firmware, Got2000_gt2104\-Rtbd_firmware, Got2000_gt2107\-Wtbd_firmware, Got2000_gt2308\-Vtba_firmware, Got2000_gt2308\-Vtbd_firmware, Got2000_gt2310\-Vtba_firmware, Got2000_gt2310\-Vtbd_firmware, Got2000_gt2505\-Vtbd_firmware, Got2000_gt2505hs\-Vtbd_firmware, Got2000_gt2506hs\-Vtbd_firmware, Got2000_gt2507\-Wtbd_firmware, Got2000_gt2507\-Wtsd_firmware, Got2000_gt2507t\-Wtsd_firmware, Got2000_gt2508\-Vtba_firmware, Got2000_gt2508\-Vtbd_firmware, Got2000_gt2508\-Vtwa_firmware, Got2000_gt2508\-Vtwd_firmware, Got2000_gt2510\-Vtba_firmware, Got2000_gt2510\-Vtbd_firmware, Got2000_gt2510\-Vtwa_firmware, Got2000_gt2510\-Vtwd_firmware, Got2000_gt2510\-Wxtbd_firmware, Got2000_gt2510\-Wxtsd_firmware, Got2000_gt2512\-Stba_firmware, Got2000_gt2512\-Stbd_firmware, Got2000_gt2512\-Wxtbd_firmware, Got2000_gt2512\-Wxtsd_firmware, Got2000_gt2705\-Vtbd_firmware, Got2000_gt2708\-Stba_firmware, Got2000_gt2708\-Stbd_firmware, Got2000_gt2708\-Vtba_firmware, Got2000_gt2708\-Vtbd_firmware, Got2000_gt2710\-Stba_firmware, Got2000_gt2710\-Stbd_firmware, Got2000_gt2710\-Vtba_firmware, Got2000_gt2710\-Vtbd_firmware, Got2000_gt2710\-Vtwa_firmware, Got2000_gt2710\-Vtwd_firmware, Got2000_gt2712\-Stba_firmware, Got2000_gt2712\-Stbd_firmware, Got2000_gt2712\-Stwa_firmware, Got2000_gt2712\-Stwd_firmware, Got2000_gt2715\-Xtba_firmware, Got2000_gt2715\-Xtbd_firmware, Got_simple_gs2107\-Wtbd_firmware, Got_simple_gs2110\-Wtbd_firmware, Gt_softgot2000	7.5