CVE-2022-29826
Description
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cleartext storage vulnerability in Mitsubishi GX Works3 and Motion Control Setting allows remote unauthenticated attackers to disclose sensitive info and execute programs.
Vulnerability
Cleartext storage of sensitive information exists in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting (GX Works3 related software) versions from 1.000A to 1.042U [1][2]. This allows sensitive data to be stored in cleartext, which can be accessed remotely.
Exploitation
An unauthenticated attacker can exploit this vulnerability remotely over the network without any special privileges or user interaction [1]. The attack complexity is low. The attacker can view programs and project files, or even execute programs without authorization.
Impact
Successful exploitation leads to disclosure of sensitive information, including program files and project data. Additionally, an attacker may be able to execute programs illegally on the affected system. The CVSS v3 score is 9.1 (Critical) [1].
Mitigation
Mitsubishi Electric has released updates for the affected products. Users should upgrade to the latest versions as indicated in the vendor advisory [1][2]. No workarounds are provided. For detailed version check, refer to the product manuals [2].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: 1.000A to 1.042U
- Range: 1.000A to 1.087R
- Range: from 1.000A to 1.087R
- Mitsubishi Electric Corporation/Motion Control Setting(GX Works3 related software)v5Range: from 1.000A to 1.042U
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdfmitrevendor-advisory
- jvn.jp/vu/JVNVU97244961/index.htmlmitregovernment-resource
- www.cisa.gov/uscert/ics/advisories/icsa-22-333-05mitregovernment-resource
News mentions
0No linked articles in our index yet.