CVE-2024-8300— Malicious Code Execution Vulnerability in GENESIS64 and ICONICS Suite
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-8300
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malicious Code Execution Vulnerability in GENESIS64 and ICONICS Suite
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
死代码
Source: NVD (National Vulnerability Database)
Vulnerability Title
ICONICS GENESIS64 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ICONICS GENESIS64是美国ICONICS公司的一款专为 Microsoft 操作系统设计的高级 HMI SCADA 解决方案套件。 ICONICS GENESIS64存在安全漏洞,该漏洞源于存在死代码漏洞,导致本地经过身份验证的攻击者可以通过篡改特制的DLL来执行恶意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Mitsubishi Electric Corporation | GENESIS64 | Version 10.97.2 | - | |
| Mitsubishi Electric Iconics Digital Solutions | GENESIS64 | Version 10.97.2 | - | |
| Mitsubishi Electric Corporation | ICONICS Suite | Version 10.97.2 | - | |
| Mitsubishi Electric Iconics Digital Solutions | ICONICS Suite | Version 10.97.2 | - |
II. Public POCs for CVE-2024-8300
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-8300
请登录查看更多情报信息。
- ICONICS and Mitsubishi Electric Products | CISAgovernment-resource
- https://nvd.nist.gov/vuln/detail/CVE-2024-8300
Same Patch Batch · Mitsubishi Electric Corporation · 2024-11-28 · 3 CVEs total
| CVE-2024-9852 | 7.8 HIGH | Malicious Code Execution Vulnerability in GENESIS64, ICONICS Suite, Hyper Historian, MC Wo |
| CVE-2024-8299 | 7.8 HIGH | Malicious Code Execution Vulnerability in GENESIS64, ICONICS Suite, Hyper Historian, MC Wo |
IV. Related Vulnerabilities
Same product: GENESIS64
- CVE-2025-14816
Information Disclosure, Tampering, and Denial-of-Service Vul - CVE-2025-14815
Information Disclosure, Tampering, and Denial-of-Service Vul - CVE-2025-11774
Malicious Code Execution Vulnerability in the Software Keybo - CVE-2025-7376
Information Tampering Vulnerability in Multiple Processes of - CVE-2025-0921
Information Tampering Vulnerability in Multiple Services of
Same vendor: Mitsubishi Electric Corporation
- CVE-2025-14816
Information Disclosure, Tampering, and Denial-of-Service Vul - CVE-2025-14815
Information Disclosure, Tampering, and Denial-of-Service Vul - CVE-2025-2399
Denial of Service (DoS) Vulnerability in Mitsubishi Electric - CVE-2026-1876
Denial-of-Service (DoS) vulnerability in Ethernet function o - CVE-2026-1875
Denial-of-Service (DoS) vulnerability in Ethernet function o
V. Comments for CVE-2024-8300
No comments yet