CVE-2020-14496

Published May 19, 2022

Last updated 2 years ago

CVSS critical 9.8

Overview

Description: Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
ics-cert@hq.dhs.gov: CWE-275

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A02BE6-633A-4A94-890C-586B3A42E19F",
            "versionEndExcluding": "1.106k"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60875630-C0F2-434E-8D11-51B44F62CBA5",
            "versionEndExcluding": "1.011m"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE83331F-B795-410A-8510-351945025444",
            "versionEndExcluding": "3.41t"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:em_configurator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0A01F0C-0B10-4906-9389-4D53AE3CD7FD",
            "versionEndExcluding": "1.015r"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9FFEA10-20FA-4B73-ACA5-AB7462820123",
            "versionEndExcluding": "4.6"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2877EB49-8A69-426B-B7EB-87DEF3975562",
            "versionEndExcluding": "1.23z"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:gt_designer3:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3393020-A6E6-431A-B572-E28948F6A970",
            "versionEndExcluding": "1.236w"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DC963D1-281A-48DE-B822-5254643C98E7",
            "versionEndExcluding": "3.245f"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20E2D739-F982-4ED4-ADFB-505777CF9888",
            "versionEndExcluding": "1.236w"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0809A627-EEC8-475E-997F-E3FAE2C39261",
            "versionEndExcluding": "1.106k"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F2B0AC1-1BEC-4D79-9995-527E3A770A66",
            "versionEndExcluding": "1.595v"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80BF474D-E018-4612-93FD-F3A661C13A6D",
            "versionEndExcluding": "1.065t"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:m_commdtm-hart:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C9ECB87-B07E-4E52-BF3F-8AD4AA03826B",
            "versionEndExcluding": "1.01b"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:m_commdtm-io-link:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50FA8FAD-3DF4-453C-A55C-5F622DD76460",
            "versionEndExcluding": "1.04e"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:melfa-works:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED888C84-4CD8-464A-A3A0-F623EB0F4920",
            "versionEndExcluding": "4.4"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:melsoft_fielddeviceconfigurator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE1E2976-38B4-4B1B-AC01-B3D8C26A1BB2",
            "versionEndExcluding": "1.04e"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01D32795-831A-43D6-9F90-82A67F5E9081",
            "versionEndExcluding": "2.70y"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:mh11_settingtool_version2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A6DE218-D030-4DDF-B504-B176DFE7662A",
            "versionEndExcluding": "2.003d"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:motorizer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FD24F8E-869B-413A-9BF1-555CF827F3C9",
            "versionEndExcluding": "1.010l"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "470498DC-4A30-4EC2-B9C7-B5348D2F1381",
            "versionEndExcluding": "1.106l"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7926DBE1-335C-40E2-AD74-AE89DC9A0095",
            "versionEndExcluding": "1.160s"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCBBBA97-3C41-423F-8534-098070E49A97",
            "versionEndExcluding": "4.20w"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_cc-link_ver.2_utility:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CFA2E01-1D66-40D6-8575-0E216376CC25",
            "versionEndExcluding": "1.24a"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_cc_ie_control_utility:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC15323-7468-4688-A9C2-01208B4849A4",
            "versionEndExcluding": "1.30g"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_cc_ie_field_utility:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F605A144-5A10-44C9-94DC-3B0D66E39431",
            "versionEndExcluding": "1.17t"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:network_interface_board_mneth_utility:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54DBB417-5543-4AEB-9467-6197868C8C18",
            "versionEndExcluding": "35m"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:px_developer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9987641F-1BD4-445A-86E4-778CFFFFEBD2",
            "versionEndExcluding": "1.53f"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:rt_toolbox2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A11F999D-CE97-49B6-9AF3-DD32D0E0779F",
            "versionEndExcluding": "3.73b"
          },
          {
            "criteria": "cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B03CE992-45F6-48EA-BE86-0041F0CDBEF7",
            "versionEndExcluding": "1.80j"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References