CVE-2023-6942
CVE-2023-6942
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
30 ene 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Productos afectados
Mitsubishi Electric Corporation · EZSocketMitsubishi Electric Corporation · GT Designer3 Version1(GOT1000)Mitsubishi Electric Corporation · GT Designer3 Version1(GOT2000)Mitsubishi Electric Corporation · GX Works2Mitsubishi Electric Corporation · GX Works3Mitsubishi Electric Corporation · MELSOFT NavigatorMitsubishi Electric Corporation · MT Works2Mitsubishi Electric Corporation · MX ComponentMitsubishi Electric Corporation · MX OPC Server DA/UA¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →