CVE-2023-5274
2.5
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mitsubishi Electric Corporation | GX Works2 | all versions | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf
- https://jvn.jp/vu/JVNVU98760962/index.html
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf
- https://jvn.jp/vu/JVNVU98760962/index.html
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.