CVE-2024-1182

Name of the Vulnerable Software and Affected Versions ICONICS GENESIS64 all versions Mitsubishi Electric GENESIS64 all versions Mitsubishi Electric MC Works64 all versions

Description The issue allows a local attacker to execute malicious code by storing a specially crafted DLL in a specific folder when GENESIS64 and MC Works64 are installed with the Pager agent in the alarm multi-agent notification feature.

Recommendations For ICONICS GENESIS64 all versions, consider disabling the alarm multi-agent notification feature until a patch is available. For Mitsubishi Electric GENESIS64 all versions, restrict access to the specific folder where the malicious DLL can be stored to minimize the risk of exploitation. For Mitsubishi Electric MC Works64 all versions, avoid using the Pager agent in the alarm multi-agent notification feature until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.