Critical severity9.3NVD Advisory· Published Sep 20, 2023· Updated Jun 17, 2026
CVE-2023-4088
CVE-2023-4088
Description
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27- Mitsubishi Electric Corporation/AL-PCS/WIN-Ev5Range: all versions
- Range: all versions
all versions+ 1 more
- (no CPE)range: all versions
- (no CPE)range: all versions
- Range: all versions
all versions+ 2 more
- (no CPE)range: all versions
- (no CPE)range: all versions
- (no CPE)range: all versions
- Mitsubishi Electric Corporation/FX Configurator-EN-Lv5Range: all versions
all versions+ 1 more
- (no CPE)range: all versions
- (no CPE)range: all versions
- Mitsubishi Electric Corporation/GT SoftGOT1000 Version3v5Range: all versions
- Range: all versions
- Mitsubishi Electric Corporation/GX LogViewerv5Range: all versions
all versions+ 1 more
- (no CPE)range: all versions
- (no CPE)range: all versions
- Mitsubishi Electric Corporation/MELSOFT FieldDeviceConfiguratorv5Range: all versions
- Mitsubishi Electric Corporation/MELSOFT iQ AppPortalv5Range: all versions
- Mitsubishi Electric Corporation/MELSOFT MaiLabv5Range: all versions
- Range: all versions
- Mitsubishi Electric Corporation/MELSOFT Update Managerv5Range: all versions
- Range: all versions
- Mitsubishi Electric Corporation/MX Sheetv5Range: all versions
- Mitsubishi Electric Corporation/PX Developerv5Range: all versions
- Mitsubishi Electric Corporation/RT ToolBox3v5Range: all versions
- Mitsubishi Electric Corporation/RT VisualBoxv5Range: all versions
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.