Lucene search
MitreCVE-2024-25086HistoryJul 02, 2024 - 4:15 p.m.
CVE-2024-25086
2024-07-0216:15:04
CWE-269
CWE-94
mitre
web.nvd.nist.gov
26
cve-2024-25086
improper privilege management
local attackers
arbitrary code execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
5.3%
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
Affected configurations
Node
jungowindriverRange<12.2.0
Node
mitsubishielectriccpu_module_logging_configuration_tool
ORmitsubishielectriccw_configurator
ORmitsubishielectricdata_transfer
ORmitsubishielectricdata_transfer_classic
ORmitsubishielectricezsocket
ORmitsubishielectricfr_configurator_sw3
ORmitsubishielectricfr_configurator2
ORmitsubishielectricgenesis64
ORmitsubishielectricgt_got1000
ORmitsubishielectricgt_got2000
ORmitsubishielectricgt_softgot1000
ORmitsubishielectricgt_softgot2000
ORmitsubishielectricgx_developer
ORmitsubishielectricgx_logviewer
ORmitsubishielectricgx_works2
ORmitsubishielectricgx_works3
ORmitsubishielectriciq_works
ORmitsubishielectricmi_configurator
ORmitsubishielectricmr_configurator
ORmitsubishielectricmr_configurator2
ORmitsubishielectricmx_component
ORmitsubishielectricmx_opc_server_da\/ua
ORmitsubishielectricnumerical_control_device_communication
ORmitsubishielectricpx_developer\/monitor_tool
ORmitsubishielectricrt_toolbox3
ORmitsubishielectricrt_visualbox
Node
mitsubishielectricmrzjw3-mc2-utl_firmware
mitsubishielectricmrzjw3-mc2-utlMatch-
Node
mitsubishielectricsw0dnc-mneth-b_firmware
mitsubishielectricsw0dnc-mneth-bMatch-
Node
mitsubishielectricsw1dnc-ccbd2-b_firmware
mitsubishielectricsw1dnc-ccbd2-bMatch-
Node
mitsubishielectricsw1dnc-ccief-j_firmware
mitsubishielectricsw1dnc-ccief-jMatch-
Node
mitsubishielectricsw1dnc-ccief-b_firmware
mitsubishielectricsw1dnc-ccief-bMatch-
Node
mitsubishielectricsw1dnc-mnetg-b_firmware
mitsubishielectricsw1dnc-mnetg-bMatch-
Node
mitsubishielectricsw1dnc-qsccf-b_firmware
mitsubishielectricsw1dnc-qsccf-bMatch-
Node
mitsubishielectricsw1dnd-emsdk-b_firmware
mitsubishielectricsw1dnd-emsdk-bMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jungo | windriver | * | cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:* |
| mitsubishielectric | cpu_module_logging_configuration_tool | * | cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:* |
| mitsubishielectric | cw_configurator | * | cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:* |
| mitsubishielectric | data_transfer | * | cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:* |
| mitsubishielectric | data_transfer_classic | * | cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:* |
| mitsubishielectric | ezsocket | * | cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:* |
| mitsubishielectric | fr_configurator_sw3 | * | cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:* |
| mitsubishielectric | fr_configurator2 | * | cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:* |
| mitsubishielectric | genesis64 | * | cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:* |
| mitsubishielectric | gt_got1000 | * | cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2024-25086
2024-07-02 00:00:00
cvelist
cvelist
CVE-2024-25086
2024-07-02 00:00:00
nvd
nvd
CVE-2024-25086
2024-07-02 16:15:04
ics
ics
Mitsubishi Electric Multiple FA Engineering Software Products
2024-05-14 12:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
5.3%
Related for CVE-2024-25086