How to fix CVE-2025-10314?

Within 24 hours: Identify all systems running FREQSHIP-mini versions 8.0.0-8.0.2 and isolate them from general user access; restrict local user privileges to the installation directory. Within 7 days: Implement file integrity monitoring (FIM) on the FREQSHIP-mini installation directory and enforce strict access controls; document all affected systems and prioritize for remediation. Within 30 days: Upgrade to a patched version when available from Mitsubishi Electric, or migrate to alternative software if no patch timeline is provided; conduct security audit of affected systems for signs of prior compromise.

Is Windows affected by CVE-2025-10314?

CVE-2025-10314 affects Mitsubishi Electric FREQSHIP-mini for Windows (versions 8.0.0-8.0.2) and allows local attackers to gain system-level code execution through file replacement in the installation directory.

CVE-2025-10314

HIGH

2026-02-05 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 05, 2026 - 03:15 nvd

HIGH 8.8

Description

Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files (EXE) or DLLs in the installation directory with specially crafted files. As a result, the attacker may be able to disclose, tamper with, delete, or destroy information stored on the PC where the affected product is installed, or cause a Denial of Service (DoS) condition on the affected system.

Analysis

Technical Context

This vulnerability (CWE-276: Incorrect Default Permissions) affects Mitsubishi Electric Corporation FREQSHIP-mini for Windows. Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files (EXE) or DLLs in the installation directory with specially crafted files. As a result, the attacker may be able to disclose, tamper with, delete, or destroy information stored on the PC where the affected product is installed, or cause a Denial of Service (DoS

Affected Products

Product: Mitsubishi Electric Corporation FREQSHIP-mini for Windows.

Remediation

Monitor vendor advisories for a patch.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +44

POC: 0

CVE-2025-10314 vulnerability details – vuln.today

Back

CVE-2025-10314

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-10314

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code