CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
34.5%
Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes.
Vendor | Product | Version | CPE |
---|---|---|---|
iconics | genesis64 | 10.97 | cpe:2.3:a:iconics:genesis64:10.97:*:*:*:*:*:*:* |
iconics | genesis64 | 10.97.1 | cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:* |
mitsubishielectric | mc_works64 | * | cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:* |
[
{
"product": "ICONICS GENESIS64; Mitsubishi Electric MC Works64",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ICONICS GENESIS64 versions 10.97.1 and prior"
},
{
"status": "affected",
"version": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior"
}
]
}
]
More