Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-14521— Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element

CVSS 8.3 · High EPSS 0.58% · P69
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-14521

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未经引用的搜索路径或元素
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mitsubishi Electric Factory Automation 多款产品代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mitsubishi Electric Factory Automation是Mitsubishi Electric公司的工业自动化产品。 多款Mitsubishi Electric Factory Automation 产品中存在代码问题漏洞。攻击者可利用该漏洞获取信息,修改信息并导致拒绝服务。以下产品及版本受到影响:Mitsubishi Electric C Controller Interface Module Utility;C Controller Module Setting and Moni
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Mitsubishi ElectricC Controller Interface Module Utility unspecified ~ Version 2.00 -
Mitsubishi ElectricCC-Link IE Control Network Data Collector Version 1.00A -
Mitsubishi ElectricCC-Link IE Field Network Data Collector Version 1.00A -
Mitsubishi ElectricCC-Link IE TSN Data Collector Version 1.00A -
Mitsubishi ElectricCPU Module Logging Configuration Tool unspecified ~ Version 1.100E -
Mitsubishi ElectricCW Configurator unspecified ~ Version 1.010L -
Mitsubishi ElectricData Transfer unspecified ~ Version 3.42U -
Mitsubishi ElectricEZSocket unspecified ~ Version 5.1 -
Mitsubishi ElectricFR Configurator SW3 All Versions -
Mitsubishi ElectricFR Configurator2 unspecified ~ Version 1.26C -
Mitsubishi ElectricGT Designer2 Classic All Versions -
Mitsubishi ElectricGT Designer3 Version1 (GOT1000) unspecified ~ Version 1.241B -
Mitsubishi ElectricGT Designer3 Version1 (GOT2000) unspecified ~ Version 1.241B -
Mitsubishi ElectricGT SoftGOT1000 Version3 unspecified ~ Version 3.200J -
Mitsubishi ElectricGT SoftGOT2000 Version1 unspecified ~ Version 1.241B -
Mitsubishi ElectricGX Developer unspecified ~ Version 8.504A -
Mitsubishi ElectricGX LogViewer unspecified ~ Version 1.100E -
Mitsubishi ElectricGX Works2 unspecified ~ Version 1.601B -
Mitsubishi ElectricGX Works3 unspecified ~ Version 1.063R -
Mitsubishi ElectricM_CommDTM-IO-Link unspecified ~ Version 1.03D -
Mitsubishi ElectricMELFA-Works unspecified ~ Version 4.4 -
Mitsubishi ElectricMELSEC WinCPU Setting Utility All Versions -
Mitsubishi ElectricMELSOFT Complete Clean Up Tool unspecified ~ Version 1.06G -
Mitsubishi ElectricMELSOFT EM Software Development Kit unspecified ~ Version 1.015R -
Mitsubishi ElectricMELSOFT iQ AppPortal unspecified ~ Version 1.17T -
Mitsubishi ElectricMELSOFT Navigator unspecified ~ Version 2.74C -
Mitsubishi ElectricMI Configurator unspecified ~ Version 1.004E -
Mitsubishi ElectricMotion Control Setting unspecified ~ Version 1.005F -
Mitsubishi ElectricMotorizer unspecified ~ Version 1.005F -
Mitsubishi ElectricMR Configurator2 unspecified ~ Version 1.125F -
Mitsubishi ElectricMT Works2 unspecified ~ Version 1.167Z -
Mitsubishi ElectricMTConnect Data Collector unspecified ~ Version 1.1.4.0 -
Mitsubishi ElectricMX Component unspecified ~ Version 4.20W -
Mitsubishi ElectricMX MESInterface unspecified ~ Version 1.21X -
Mitsubishi ElectricMX MESInterface-R unspecified ~ Version 1.12N -
Mitsubishi ElectricMX Sheet unspecified ~ Version 2.15R -
Mitsubishi ElectricNetwork Interface Board CC IE Control Utility unspecified ~ Version 1.29F -
Mitsubishi ElectricNetwork Interface Board CC IE Field Utility unspecified ~ Versions 1.16S -
Mitsubishi ElectricNetwork Interface Board CC-Link Ver.2 Utility unspecified ~ Version 1.23Z -
Mitsubishi ElectricNetwork Interface Board MNETH Utility unspecified ~ Version 34L -
Mitsubishi ElectricPosition Board utility 2 unspecified ~ Version 3.20 -
Mitsubishi ElectricPX Developer unspecified ~ Version 1.53F -
Mitsubishi ElectricRT ToolBox2 unspecified ~ Version 3.73B -
Mitsubishi ElectricRT ToolBox3 unspecified ~ Version 1.82L -
Mitsubishi ElectricSetting/Monitoring tools for the C Controller module unspecified ~ SW3PVC-CCPU Version 3.13P -
Mitsubishi ElectricSLMP Data Collector unspecified ~ Version 1.04E -

II. Public POCs for CVE-2020-14521

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-14521

登录查看更多情报信息。

IV. Related Vulnerabilities

Same vendor: Mitsubishi Electric
Same weakness: CWE-428

V. Comments for CVE-2020-14521

No comments yet

Leave a comment