VYPR
Vendor

Mitsubishielectric

Products
121
CVEs
194
Across products
299
Status
Private

Products

121
View all 121 products →

Recent CVEs

194
View all 194 CVEs →
  • CVE-2025-3128CriAug 21, 2025
    risk 0.64cvss 9.8epss 0.01

    A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS commands to disclose, tamper with, destroy or delete information in Mitsubishi Electric smartRTU, or cause a denial-of service condition on the product.

  • CVE-2025-3699CriJun 26, 2025
    risk 0.64cvss 9.8epss 0.01

    Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G-50 all versions, G-50-W all versions, G-50A all versions, GB-50 all versions, GB-50A all versions, GB-24A all versions, G-150AD all versions, AG-150A-A all versions, AG-150A-J all…

  • CVE-2024-1917CriMar 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

  • CVE-2024-1916CriMar 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

  • CVE-2024-1915CriMar 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

  • CVE-2024-0803CriMar 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

  • CVE-2024-0802CriMar 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a…

  • CVE-2017-9638CriApr 17, 2018
    risk 0.64cvss 9.8epss 0.04

    Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.

  • CVE-2017-9636CriApr 17, 2018
    risk 0.64cvss 9.8epss 0.04

    Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.

  • CVE-2017-9634CriApr 17, 2018
    risk 0.64cvss 9.8epss 0.04

    Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.

  • CVE-2025-14816CriApr 8, 2026
    risk 0.60cvss epss 0.00

    Cleartext Storage of Sensitive Information in GUI vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper…

  • CVE-2025-14815CriApr 8, 2026
    risk 0.60cvss epss 0.00

    Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian…

  • CVE-2025-3755CriMay 29, 2025
    risk 0.59cvss 9.1epss 0.01

    Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in…

  • CVE-2025-15080HigFeb 5, 2026
    risk 0.57cvss epss 0.01

    Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ-R Series R08PCPU, R16PCPU, R32PCPU, and R120PCPU allows an unauthenticated attacker to read device data or part of a control program from the affected product, write device data in…

  • CVE-2025-10314HigFeb 5, 2026
    risk 0.57cvss 8.8epss 0.00

    Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files (EXE) or DLLs in the installation…

  • CVE-2016-8368HigFeb 13, 2017
    risk 0.56cvss 8.6epss 0.03

    An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote…

  • CVE-2025-11774HigDec 19, 2025
    risk 0.53cvss 8.2epss 0.00

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics…

  • CVE-2024-9852HigNov 28, 2024
    risk 0.51cvss 7.8epss 0.00

    Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 all versions,…

  • CVE-2024-8299HigNov 28, 2024
    risk 0.51cvss 7.8epss 0.00

    Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 all versions,…

  • CVE-2025-10089HigNov 18, 2025
    risk 0.50cvss 7.7epss 0.00

    Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versions, MILCO.S Setting Application (IR) all versions, MILCO.S Easy Setting Application (IR) all versions, and MILCO.S Easy Switch…