CVE-2022-29829

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric GX Works3 versions 1.000A through 1.090U GT Designer3 Version1 (GOT2000) versions 1.122C through 1.290C Motion Control Setting (GX Works3 related software) versions 1.035M through 1.042U

Description The issue allows a remote unauthenticated attacker to disclose sensitive information due to the use of a hard-coded cryptographic key. This enables unauthenticated users to view programs and project files or execute programs illegally.

Recommendations For GX Works3 versions 1.000A through 1.090U, update to a version that does not use a hard-coded cryptographic key. For GT Designer3 Version1 (GOT2000) versions 1.122C through 1.290C, update to a version that does not use a hard-coded cryptographic key. For Motion Control Setting (GX Works3 related software) versions 1.035M through 1.042U, update to a version that does not use a hard-coded cryptographic key. As a temporary workaround, consider restricting access to sensitive information and project files to minimize the risk of exploitation.