VYPR

FR Configurator2

by Mitsubishielectric

CVEs (5)

  • CVE-2023-4088CriSep 20, 2023
    risk 0.60cvss 9.3epss 0.00

    Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS)…

  • CVE-2021-20588HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.06

    Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions…

  • CVE-2021-20587HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.04

    Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR…

  • CVE-2019-10976MedJul 26, 2019
    risk 0.36cvss 5.5epss 0.01

    Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project and/or template file (.frc2). Once a user opens the file, the attacker could read arbitrary files.

  • CVE-2019-10972MedJul 26, 2019
    risk 0.36cvss 5.5epss 0.01

    Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file (.frc2). Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding…