6.5
CVE-2025-0921
- EPSS 0.03%
- Veröffentlicht 15.05.2025 22:36:37
- Zuletzt bearbeitet 09.01.2026 08:15:56
- Quelle Mitsubishielectric.Psirt@yd.Mi
- CVE-Watchlists
- Unerledigt
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric ICONICS Suite all versions, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS version 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions BizViz all versions allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMitsubishi Electric Corporation
≫
Produkt
GENESIS64
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Corporation
≫
Produkt
MC Works64
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Iconics Digital Solutions
≫
Produkt
GENESIS64
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Corporation
≫
Produkt
GENESIS
Default Statusunaffected
Version
version 11.00
Status
affected
HerstellerMitsubishi Electric Iconics Digital Solutions
≫
Produkt
GENESIS
Default Statusunaffected
Version
version 11.00
Status
affected
HerstellerMitsubishi Electric Corporation
≫
Produkt
ICONICS Suite
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Iconics Digital Solutions
≫
Produkt
ICONICS Suite
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Corporation
≫
Produkt
GENESIS32
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Iconics Digital Solutions
≫
Produkt
GENESIS32
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Corporation
≫
Produkt
BizViz
Default Statusunaffected
Version
all versions
Status
affected
HerstellerMitsubishi Electric Iconics Digital Solutions
≫
Produkt
BizViz
Default Statusunaffected
Version
all versions
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.067 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp | 6.5 | 2 | 4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
|
CWE-250 Execution with Unnecessary Privileges
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.