VYPR

GX Works2

by Mitsubishielectric

CVEs (22)

  • CVE-2023-6943CriJan 30, 2024
    risk 0.64cvss 9.8epss 0.02

    Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior,…

  • CVE-2023-4088CriSep 20, 2023
    risk 0.60cvss 9.3epss 0.00

    Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS)…

  • CVE-2022-29830CriNov 25, 2022
    risk 0.59cvss 9.1epss 0.01

    Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z, and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.065T allows a remote unauthenticated attacker to disclose or tamper with sensitive…

  • CVE-2022-25164HigNov 25, 2022
    risk 0.56cvss 8.6epss 0.01

    Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information.…

  • CVE-2023-5247HigNov 30, 2023
    risk 0.51cvss 7.8epss 0.00

    Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which…

  • CVE-2023-6942HigJan 30, 2024
    risk 0.49cvss 7.5epss 0.01

    Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX…

  • CVE-2022-29831HigNov 25, 2022
    risk 0.49cvss 7.5epss 0.01

    Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules.

  • CVE-2021-20608HigDec 17, 2021
    risk 0.49cvss 7.5epss 0.03

    Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi…

  • CVE-2021-20588HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.06

    Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions…

  • CVE-2021-20587HigFeb 19, 2021
    risk 0.49cvss 7.5epss 0.04

    Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR…

  • CVE-2022-29833MedNov 25, 2022
    risk 0.44cvss 6.8epss 0.01

    Insufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could access to MELSEC safety CPU modules…

  • CVE-2022-29829MedNov 25, 2022
    risk 0.44cvss 6.8epss 0.01

    Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C, Motion Control Setting(GX Works3 related software) versions from 1.035M to 1.042U, and MT Works2…

  • CVE-2022-29828MedNov 25, 2022
    risk 0.44cvss 6.8epss 0.01

    Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute…

  • CVE-2022-29827MedNov 25, 2022
    risk 0.44cvss 6.8epss 0.01

    Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute…

  • CVE-2022-29826MedNov 25, 2022
    risk 0.44cvss 6.8epss 0.01

    Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive…

  • CVE-2025-3784MedNov 27, 2025
    risk 0.36cvss 5.5epss 0.00

    Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using…

  • CVE-2022-29825MedNov 25, 2022
    risk 0.36cvss 5.6epss 0.00

    Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C, and MT Works2 versions from 1.100E to 1.200J allows an unauthenticated attacker to disclose sensitive…

  • CVE-2021-20607MedDec 17, 2021
    risk 0.36cvss 5.5epss 0.01

    Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by…

  • CVE-2021-20606MedDec 17, 2021
    risk 0.36cvss 5.5epss 0.01

    Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions 5.4 and prior allows an attacker to cause a DoS condition in the software by…

  • CVE-2022-29832LowNov 25, 2022
    risk 0.24cvss 3.7epss 0.01

    Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information.…

Page 1 of 2