Vulnerability in Mitsubishi Electric Cpu Module Logging Configuration Tool
CVE-2020-14496
Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could c…
EPSS: 0.008 (52.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H.
Affected products
- Mitsubishi Electric Cpu Module Logging Configuration Tool — versions All
- Mitsubishi Electric Cw Configurator — versions All
- Mitsubishi Electric Data Transfer — versions All
- Mitsubishi Electric Ezsocket — versions All
- Mitsubishi Electric Fr Configurator2 — versions All
- Mitsubishi Electric Gt Designer3 Version1 (Got2000) — versions All
- Mitsubishi Electric Gt Softgot1000 Version3 — versions All
- Mitsubishi Electric Gt Softgot2000 Version1 — versions All
- Mitsubishi Electric Gx Logviewer — versions All
- Mitsubishi Electric Gx Works2 — versions All
Weakness classification (CWE)
References
- ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-14496?
- CVE-2020-14496 is a high-severity vulnerability in Mitsubishi Electric Cpu Module Logging Configuration Tool, classified under Permission Issues. CVSS score: 8.3/10. Published 2022-05-19.
- How severe is CVE-2020-14496?
- High severity. CVSS v3 base score is 8.3 out of 10.