Skip to main content

Gx Works2

18 CVEs product

Monthly

CVE-2024-26314 HIGH This Week

Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Windriver Cpu Module Logging Configuration Tool Cw Configurator +32
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-25088 HIGH This Week

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Windriver Cpu Module Logging Configuration Tool Cw Configurator +32
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-25087 MEDIUM This Month

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windriver Cpu Module Logging Configuration Tool Cw Configurator +32
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-25086 HIGH This Week

Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE Windriver Cpu Module Logging Configuration Tool Cw Configurator +32
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-22106 HIGH This Week

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Denial Of Service Windriver Cpu Module Logging Configuration Tool +33
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-22105 MEDIUM This Month

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windriver Cpu Module Logging Configuration Tool Cw Configurator +32
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-22104 MEDIUM This Month

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Denial Of Service Memory Corruption Windriver +34
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-22103 MEDIUM This Month

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Denial Of Service Memory Corruption Windriver +34
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-22102 MEDIUM This Month

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windriver Cpu Module Logging Configuration Tool Cw Configurator +32
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-5275 MEDIUM This Month

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Gx Works2
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2023-5274 MEDIUM This Month

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Gx Works2
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2021-20608 HIGH This Week

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gx Works2
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2021-20607 MEDIUM PATCH This Month

Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Ezsocket Gx Works2 Melsoft Navigator
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-20606 MEDIUM PATCH This Month

Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ezsocket Gx Works2 Melsoft Navigator
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-20588 CRITICAL Act Now

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure C Controller Module Setting And Monitoring Tool Cpu Module Logging Configuration Tool Cw Configurator Data Transfer +37
NVD
CVSS 3.1
9.8
EPSS
5.9%
CVE-2021-20587 CRITICAL Act Now

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow C Controller Module Setting And Monitoring Tool Cpu Module Logging Configuration Tool Cw Configurator +38
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-5603 HIGH This Week

Uncontrolled resource consumption vulnerability in Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cpu Module Logging Configuration Tool Cw Configurator Em Configurator Gt Designer3 +16
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-5602 HIGH This Week

Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cpu Module Logging Configuration Tool Cw Configurator Em Configurator Gt Designer3 +16
NVD
CVSS 3.1
7.5
EPSS
1.4%
EPSS 0% CVSS 7.8
HIGH This Week

Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Windriver +34
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Windriver +34
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windriver +34
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE Windriver +34
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Denial Of Service +35
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windriver +34
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Denial Of Service +36
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Denial Of Service +36
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windriver +34
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Gx Works2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Gx Works2
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gx Works2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Integer Overflow Information Disclosure Ezsocket +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, Mitsubishi Electric MELSOFT Navigator versions 2.84N and prior and Mitsubishi Electric EZSocket versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ezsocket +2
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure C Controller Module Setting And Monitoring Tool Cpu Module Logging Configuration Tool +39
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow C Controller Module Setting And Monitoring Tool +40
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Uncontrolled resource consumption vulnerability in Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cpu Module Logging Configuration Tool Cw Configurator +18
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cpu Module Logging Configuration Tool Cw Configurator +18
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy