Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Gt_softgot2000
(Mitsubishielectric)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 21 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-07-02 | CVE-2024-22103 | Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware | 5.5 | ||
2024-07-02 | CVE-2024-22106 | Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS). | Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware | 7.8 | ||
2024-07-02 | CVE-2023-51778 | Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | Windriver, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Data_transfer_classic, Ezsocket, Fr_configurator2, Fr_configurator_sw3, Genesis64, Gt_got1000, Gt_got2000, Gt_softgot1000, Gt_softgot2000, Gx_developer, Gx_logviewer, Gx_works2, Gx_works3, Iq_works, Mi_configurator, Mr_configurator, Mr_configurator2, Mrzjw3\-Mc2\-Utl_firmware, Mx_component, Mx_opc_server_da\/ua, Numerical_control_device_communication, Px_developer\/monitor_tool, Rt_toolbox3, Rt_visualbox, Sw0dnc\-Mneth\-B_firmware, Sw1dnc\-Ccbd2\-B_firmware, Sw1dnc\-Ccief\-B_firmware, Sw1dnc\-Ccief\-J_firmware, Sw1dnc\-Mnetg\-B_firmware, Sw1dnc\-Qsccf\-B_firmware, Sw1dnd\-Emsdk\-B_firmware | 5.5 | ||
2021-08-05 | CVE-2021-20592 | Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions 1.170C through 1.256S allows a remote unauthenticated attacker to cause DoS condition on the MODBUS/TCP slave communication function of the products by rapidly and repeatedly connecting and... | Got2000_gt23_firmware, Got2000_gt25_firmware, Got2000_gt27_firmware, Gt_softgot2000 | 7.5 | ||
2021-02-19 | CVE-2021-20588 | Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering Software(CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000)... | C_controller_module_setting_and_monitoring_tool, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Ezsocket, Fr_configurator, Fr_configurator2, Fr_configurator_sw3, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_configurator\-Dp, Gx_configurator\-Qp, Gx_developer, Gx_explorer, Gx_iec_developer, Gx_logviewer, Gx_remoteservice\-I, Gx_works2, Gx_works3, Iq_monozukuri_andon, Iq_monozukuri_process_remote_monitoring, M_commdtm\-Hart, M_commdtm\-Io\-Link, Melfa\-Works, Melsec_wincpu_setting_utility, Melsoft_em_software_development_kit, Melsoft_navigator, Mh11_settingtool_version2, Mi_configurator, Mt_works2, Mx_component, Network_interface_board_cc\-Link, Network_interface_board_cc_ie_control_utility, Network_interface_board_cc_ie_field_utility, Network_interface_board_mneth_utility, Px_developer, Rt_toolbox2, Rt_toolbox3, Setting\/monitoring_tools_for_the_c_controller_module, Slmp_data_collector | 9.8 | ||
2023-08-04 | CVE-2023-0525 | Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions 01.49.000 and prior, GS21 model versions 01.49.000 and prior, GT Designer3 Version1 (GOT2000) versions 1.295H and prior and GT SoftGOT2000 versions 1.295H and prior allows a remote unauthenticated... | Gs21_firmware, Gs25_firmware, Gt21_firmware, Gt23_firmware, Gt25_firmware, Gt27_firmware, Gt_designer3, Gt_softgot2000 | 7.5 | ||
2023-02-02 | CVE-2022-40268 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to lead legitimate users to perform unintended operations through clickjacking. | Gt25_firmware, Gt27_firmware, Gt_softgot2000 | 4.7 | ||
2023-02-02 | CVE-2022-40269 | Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to disclose sensitive information from users' browsers or spoof legitimate users by abusing inappropriate HTML attributes. | Gt25_firmware, Gt27_firmware, Gt_softgot2000 | 8.1 | ||
2021-02-19 | CVE-2021-20587 | Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT... | C_controller_module_setting_and_monitoring_tool, Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Ezsocket, Fr_configurator, Fr_configurator2, Fr_configurator_sw3, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_configurator\-Dp, Gx_configurator\-Qp, Gx_developer, Gx_explorer, Gx_iec_developer, Gx_logviewer, Gx_remoteservice\-I, Gx_works2, Gx_works3, Iq_monozukuri_andon, Iq_monozukuri_process_remote_monitoring, M_commdtm\-Hart, M_commdtm\-Io\-Link, Melfa\-Works, Melsec_wincpu_setting_utility, Melsoft_em_software_development_kit, Melsoft_navigator, Mh11_settingtool_version2, Mi_configurator, Mt_works2, Mx_component, Network_interface_board_cc\-Link, Network_interface_board_cc_ie_control_utility, Network_interface_board_cc_ie_field_utility, Network_interface_board_mneth_utility, Px_developer, Rt_toolbox2, Rt_toolbox3, Setting\/monitoring_tools_for_the_c_controller_module, Slmp_data_collector | 9.8 | ||
2022-05-19 | CVE-2020-14496 | Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed. | Cpu_module_logging_configuration_tool, Cw_configurator, Data_transfer, Em_configurator, Ezsocket, Fr_configurator2, Gt_designer3, Gt_softgot1000, Gt_softgot2000, Gx_logviewer, Gx_works2, Gx_works3, M_commdtm\-Hart, M_commdtm\-Io\-Link, Melfa\-Works, Melsoft_fielddeviceconfigurator, Melsoft_navigator, Mh11_settingtool_version2, Motorizer, Mr_configurator2, Mt_works2, Mx_component, Network_interface_board_cc\-Link_ver\.2_utility, Network_interface_board_cc_ie_control_utility, Network_interface_board_cc_ie_field_utility, Network_interface_board_mneth_utility, Px_developer, Rt_toolbox2, Rt_toolbox3 | 9.8 |