PT-2020-4196 · Mitsubishi+1 · Mitsubishi Electric Mc Works32+6

Published: 2020-06-30 · Updated: 2020-07-29

CVE-2020-12011

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:
Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier
Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02)
ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior
ICONICS GenBroker32 version 9.5 and prior

Description: A specially crafted communication packet sent to the affected systems can trigger a buffer overflow, which a remote attacker can exploit to cause a denial-of-service condition or execute arbitrary code.

Recommendations:
For Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, update to a version later than 4.02C.
For Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02), update to a version later than 3.00A.
For ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior, update to a version later than 10.96.
For ICONICS GenBroker32 version 9.5 and prior, update to a version later than 9.5.
As a temporary workaround, consider restricting access to the vulnerable components until a patch is available.

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2020-04630
CVE-2020-12011
ZDI-20-778

Affected Products

Iconics Frameworx Server
Iconics Genbroker32
Iconics Genbroker64
Iconics Platform Services
Iconics Workbench
Mitsubishi Electric Mc Works32
Mitsubishi Electric Mc Works64