Inclusion of Functionality Vulnerability in ICONICS GENESIS64 and Mitsubishi Electric MC Works64
CVE-2022-33317

7.8HIGH

Key Information:

Vendor

Mitsubishi Electric

Status
Genesis64
Iconics Suite
Mc Works64
Vendor
CVE Published:
20 July 2022

What is CVE-2022-33317?

This vulnerability allows unauthenticated attackers to execute arbitrary malicious code in ICONICS GENESIS64 versions 10.97.1 and earlier, as well as Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and earlier. By enticing a user to load a malicious monitoring screen file containing harmful script codes, attackers can exploit this flaw, leading to potential unauthorized access and control over the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

GENESIS64 Versions 10.97 to 10.97.1

GENESIS64 Versions 10.97 to 10.97.1

ICONICS Suite Versions 10.97 to 10.97.1

References

https://www.mitsubishielectric.com/en/psirt/vulnerability...
vendor-advisory
https://jvn.jp/vu/JVNVU96480474/index.html
government-resource
https://www.cisa.gov/news-events/ics-advisories/icsa-22-2...
government-resource

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.