PT-2022-19857 · Mitsubishi · Mitsubishi Electric Gx Works3+1
Anton Dorfman
+3
·
Published
2022-11-24
·
Updated
2023-05-31
·
CVE-2022-29826
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Mitsubishi Electric GX Works3 versions 1.000A through 1.087R
Motion Control Setting (GX Works3 related software) versions 1.000A through 1.042U
Description
The issue allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users may view programs and project files or execute programs illegally.
Recommendations
For Mitsubishi Electric GX Works3 versions 1.000A through 1.087R, update to a version that fixes the Cleartext Storage of Sensitive Information issue.
For Motion Control Setting (GX Works3 related software) versions 1.000A through 1.042U, update to a version that fixes the Cleartext Storage of Sensitive Information issue.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mitsubishi Electric Gx Works3
Motion Control Setting