7.8
CVE-2024-8299
- EPSS 0.03%
- Veröffentlicht 28.11.2024 23:15:03
- Zuletzt bearbeitet 09.01.2026 08:15:55
- Quelle Mitsubishielectric.Psirt@yd.Mi
- CVE-Watchlists
- Unerledigt
Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric ICONICS Suite all versions, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS32 all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellericonics
≫
Produkt
genesis64
Default Statusunaffected
Version <
*
Version
0
Status
affected
Herstellermitsubishielectric
≫
Produkt
mc_works64
Default Statusunaffected
Version <
*
Version
0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.067 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-427 Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.