mitsubishielectric c_controller_interface_module_utility 缺省权限不正确
CVE编号
CVE-2020-14521利用情况
暂无补丁情况
N/A披露时间
2022-02-12漏洞描述
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-04 | |
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-007_en.pdf |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | cc-link_ie_control_network_data_collector | 1.00a | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | cc-link_ie_field_network_data_collector | 1.00a | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | cc-link_ie_tsn_data_collector | 1.00a | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | cpu_module_logging_configuration_tool | * | Up to (including) 1.100e | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | cw_configurator | * | Up to (including) 1.010l | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | c_controller_interface_module_utility | * | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | c_controller_interface_module_utility | * | Up to (including) 1.04e | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | c_controller_module_setting_and_monitoring_tool | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | data_transfer | * | Up to (including) 3.42u | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | ezsocket | * | Up to (including) 5.1 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | fr_configurator2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | fr_configurator_sw3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | got1000 | * | Up to (including) 1.241b | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | got2000 | * | Up to (including) 1.241b | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gt_designer2_classic | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gt_softgot1000 | * | From (including) 3.0 | Up to (including) 3.200j | ||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gt_softgot2000 | * | From (including) 1.0 | Up to (including) 1.241b | ||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gx_developer | * | Up to (including) 8.504a | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gx_logviewer | * | Up to (including) 1.100e | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gx_works2 | * | Up to (including) 1.601b | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | gx_works3 | * | Up to (including) 1.063r | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | melfa-works | * | Up to (including) 4.4 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | melsec_wincpu_setting_utility | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | melsoft_complete_clean_up_tool | * | Up to (including) 1.06g | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | melsoft_em_software_development_kit | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | melsoft_iq_appportal | * | Up to (including) 1.17t | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | melsoft_navigator | * | Up to (including) 2.74c | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mi_configurator | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | motion_control_setting | * | Up to (including) 1.005f | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | motorizer | * | Up to (including) 1.005f | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mr_configurator2 | * | Up to (including) 1.125f | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mtconnect_data_collector | * | Up to (including) 1.1.4.0 | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mt_works2 | * | Up to (including) 1.167z | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mx_component | * | Up to (including) 4.20w | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mx_mesinterface | * | Up to (including) 1.21x | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mx_mesinterface-r | * | Up to (including) 1.12n | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | mx_sheet | * | Up to (including) 2.15r | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | m_commdtm-io-link | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | network_interface_board_cc-link_ver.2_utility | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | network_interface_board_cc_ie_control_utility | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | network_interface_board_cc_ie_field_utility | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | network_interface_board_mneth_utility | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | position_board_utility_2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | px_developer | * | Up to (including) 1.53f | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | rt_toolbox2 | * | Up to (including) 3.73b | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | rt_toolbox3 | * | Up to (including) 1.82l | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | setting/monitoring_tools_for_the_c_controller_module | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | mitsubishielectric | slmp_data_collector | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 高
- 完整性 高
| CWE-ID | 漏洞类型 |
| CWE-276 | 缺省权限不正确 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论