CVE-2020-14496

EPSS 0.13%
Veröffentlicht 19.05.2022 18:15:08
Zuletzt bearbeitet 21.11.2024 05:03:23
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mitsubishielectric ≫ Cpu Module Logging Configuration Tool Version < 1.106k

Mitsubishielectric ≫ Cw Configurator Version < 1.011m

Mitsubishielectric ≫ Data Transfer Version < 3.41t

Mitsubishielectric ≫ Em Configurator Version < 1.015r

Mitsubishielectric ≫ Ezsocket Version < 4.6

Mitsubishielectric ≫ Fr Configurator2 Version < 1.23z

Mitsubishielectric ≫ Gt Designer3 Version < 1.236w

Mitsubishielectric ≫ Gt Softgot1000 Version < 3.245f

Mitsubishielectric ≫ Gt Softgot2000 Version < 1.236w

Mitsubishielectric ≫ Gx Logviewer Version < 1.106k

Mitsubishielectric ≫ Gx Works2 Version < 1.595v

Mitsubishielectric ≫ Gx Works3 Version < 1.065t

Mitsubishielectric ≫ M Commdtm-hart Version < 1.01b

Mitsubishielectric ≫ M Commdtm-io-link Version < 1.04e

Mitsubishielectric ≫ Melfa-works Version < 4.4

Mitsubishielectric ≫ Melsoft Fielddeviceconfigurator Version < 1.04e

Mitsubishielectric ≫ Melsoft Navigator Version < 2.70y

Mitsubishielectric ≫ Mh11 Settingtool Version2 Version < 2.003d

Mitsubishielectric ≫ Motorizer Version < 1.010l

Mitsubishielectric ≫ Mr Configurator2 Version < 1.106l

Mitsubishielectric ≫ Mt Works2 Version < 1.160s

Mitsubishielectric ≫ Mx Component Version < 4.20w

Mitsubishielectric ≫ Network Interface Board Cc-link Ver.2 Utility Version < 1.24a

Mitsubishielectric ≫ Network Interface Board Cc Ie Control Utility Version < 1.30g

Mitsubishielectric ≫ Network Interface Board Cc Ie Field Utility Version < 1.17t

Mitsubishielectric ≫ Network Interface Board Mneth Utility Version < 35m

Mitsubishielectric ≫ Px Developer Version < 1.53f

Mitsubishielectric ≫ Rt Toolbox2 Version < 3.73b

Mitsubishielectric ≫ Rt Toolbox3 Version < 1.80j

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.332

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
ics-cert@hq.dhs.gov	8.3	1.6	6	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-02

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2020-14496

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-14496

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-14496

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2020-14496