CVE-2024-8300
Published: Nov 28, 2024
Modified: Jan 9, 2026
CVSS v3.1
7.0
Description
Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
| Vendor | Product | Versions |
|---|---|---|
Mitsubishi Electric Corporation | GENESIS64 | affected Version 10.97.2affected Version 10.97.2 CFR1affected Version 10.97.2 CRF2affected Version 10.97.3 |
Mitsubishi Electric Iconics Digital Solutions | GENESIS64 | affected Version 10.97.2affected Version 10.97.2 CFR1affected Version 10.97.2 CRF2affected Version 10.97.3 |
Mitsubishi Electric Corporation | ICONICS Suite | affected Version 10.97.2affected Version 10.97.2 CFR1affected Version 10.97.2 CRF2affected Version 10.97.3 |
Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite | affected Version 10.97.2affected Version 10.97.2 CFR1affected Version 10.97.2 CRF2affected Version 10.97.3 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now