CVE-2020-12009

Summary

A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization vulnerability. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server v10.96 and prior; ICONICS GenBroker32 v9.5 and prior.

Affected Software

VendorProductVersion RangeStatus
Mitsubishi ElectricMC Works644.02C (10.95.208.31) and earlieraffected
Mitsubishi ElectricMC Works64all versionsaffected
Mitsubishi ElectricMC Works32Version 3.00A (9.50.255.02)affected
ICONICSGenBroker64, Platform Services, Workbench, FrameWorX Serverv10.96 and prioraffected
ICONICSGenBroker32v9.5 and prioraffected

Weaknesses

  • CWE-502: DESERIALIZATION OF UNTRUSTED DATA CWE-502

ADP Enrichment

CVE Program Container

Additional References

References