Medium severity5.5NVD Advisory· Published Nov 27, 2025· Updated Apr 15, 2026

CVE-2025-3784

Description

Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential information, and obtain or modify project information.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/vu/JVNVU95288056/nvd
www.cisa.gov/news-events/ics-advisories/icsa-25-338-01nvd
www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-016_en.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000