Hard-coded Password Vulnerability in Mitsubishi Electric GX Works3 Software
CVE-2022-29831
7.5HIGH
Key Information:
- Status
- Vendor
- CVE Published:
- 25 November 2022
What is CVE-2022-29831?
A hard-coded password vulnerability exists in Mitsubishi Electric Corporation's GX Works3 software, specifically affecting versions from 1.015R to 1.095Z. This flaw allows remote, unauthenticated attackers to access sensitive project file information related to MELSEC safety CPU modules. The vulnerability poses a significant risk as it enables potential information disclosure that can be exploited for further attacks or unauthorized access.
Affected Version(s)
GX Works3 from 1.015R to 1.095Z