CVE-2019-10972

Summary

Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vulnerability can be triggered when an attacker provides the target with a rogue project file (.frc2). Once a user opens the rogue project, CPU exhaustion occurs, which causes the software to quit responding until the application is restarted.

Affected Software

VendorProductVersion RangeStatus
Mitsubishi ElectricMitsubishi Electric FR Configurator2Version 1.16S and prioraffected

Weaknesses

  • CWE-400: UNCONTROLLED RESOURCE CONSUMPTION CWE-400

ADP Enrichment

CVE Program Container

Additional References

References