CVE-2022-29831

Summary

Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions from 1.015R to 1.095Z allows a remote unauthenticated attacker to obtain information about the project file for MELSEC safety CPU modules.

Affected Software

VendorProductVersion RangeStatus
Mitsubishi Electric CorporationGX Works3from 1.015R to 1.095Zaffected

Weaknesses

  • CWE-259: CWE-259 Use of Hard-coded Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References