Product:

Gx_works3

(Mitsubishielectric)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 33
Date Id Summary Products Score Patch Annotated
2022-11-25 CVE-2022-29830 Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Motion Control Setting(GX Works3 related software) versions from 1.000A and later allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthenticated attackers may obtain information about project files illegally. Gx_works3 9.1
2022-11-25 CVE-2022-29832 Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting. Gx_works3 6.5
2022-11-25 CVE-2022-29831 Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules. Gx_works3 7.5
2022-11-25 CVE-2022-29833 Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could access to MELSEC safety CPU modules illgally. Gx_works3 6.5
2023-09-20 CVE-2023-4088 Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder. Gx_works3 7.8
2023-11-30 CVE-2023-5247 Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. Gx_works3, Melsoft_iq_appportal, Melsoft_navigator, Motion_control_setting 7.8
2024-07-02 CVE-2024-22103 Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware 5.5
2024-07-02 CVE-2023-51777 Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware 5.5
2024-07-02 CVE-2024-25088 Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware 7.8
2024-07-02 CVE-2024-22104 Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware 5.5