High severity7.8NVD Advisory· Published Nov 30, 2023· Updated Jun 17, 2026
CVE-2023-5247
CVE-2023-5247
Description
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Range: all versions
- Mitsubishi Electric Corporation/MELSOFT iQ AppPortalv5Range: all versions
- Range: all versions
- Range: all versions
Patches
Vulnerability mechanics
References
2- jvn.jp/vu/JVNVU93383160/nvdMitigationThird Party Advisory
- www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-016_en.pdfnvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.