CVE-2022-29825

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C

Description The issue is related to the use of hard-coded passwords in the software, allowing an unauthenticated attacker to disclose sensitive information. This can result in unauthenticated users being able to view programs and project files or execute programs illegally. The vulnerability can be exploited by a remote attacker to gain access to protected information.

Recommendations For Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, consider changing or removing the hard-coded password to prevent unauthorized access. For GT Designer3 Version1 (GOT2000) versions from 1.122C to 1.290C, restrict access to sensitive information and project files until a patch or update is available that addresses the hard-coded password issue. As a temporary workaround, consider disabling any features that rely on the hard-coded password until a secure update is applied.