Vulnerability in Mitsubishi Electric Corporation Analytix
CVE-2025-7376
Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3…
EPSS: 0.002 (8.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N.
Affected products
- Mitsubishi Electric Corporation Analytix — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Genesis — versions version 11.00
- Mitsubishi Electric Corporation Genesis64 — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Hyper Historian — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Iconics Suite — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Iotworx — versions version 10.95
- Mitsubishi Electric Corporation Mc Works64 — versions all versions
- Mitsubishi Electric Corporation Mobilehmi — versions versions 10.97.3 and prior
- Mitsubishi Electric Iconics Digital Solutions Analytix — versions versions 10.97.3 and prior
- Mitsubishi Electric Iconics Digital Solutions Genesis — versions version 11.00
Weakness classification (CWE)
References
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp (government-resource)
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp (vendor-advisory)
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp (government-resource)
Frequently asked questions
- What is CVE-2025-7376?
- CVE-2025-7376 is a medium-severity vulnerability in Mitsubishi Electric Corporation Analytix, classified under CWE-64. CVSS score: 5.9/10. Published 2025-08-06.
- How severe is CVE-2025-7376?
- Medium severity. CVSS v3 base score is 5.9 out of 10.