7 CVE-2024-8300
Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
https://nvd.nist.gov/vuln/detail/CVE-2024-8300
Categories
CWE-561 : Dead Code
Dead code is code that can never be executed in a running program. The surrounding code makes it impossible for a section of code to ever be executed.
References
Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
AFFECTED (from MITRE)
| Vendor |
Product |
Versions |
| Mitsubishi Electric Corporation |
GENESIS64 |
- Version 10.97.2 [affected]
- Version 10.97.2 CFR1 [affected]
- Version 10.97.2 CRF2 [affected]
- Version 10.97.3 [affected]
|
| Mitsubishi Electric Iconics Digital Solutions |
GENESIS64 |
- Version 10.97.2 [affected]
- Version 10.97.2 CFR1 [affected]
- Version 10.97.2 CRF2 [affected]
- Version 10.97.3 [affected]
|
| Mitsubishi Electric Corporation |
ICONICS Suite |
- Version 10.97.2 [affected]
- Version 10.97.2 CFR1 [affected]
- Version 10.97.2 CRF2 [affected]
- Version 10.97.3 [affected]
|
| Mitsubishi Electric Iconics Digital Solutions |
ICONICS Suite |
- Version 10.97.2 [affected]
- Version 10.97.2 CFR1 [affected]
- Version 10.97.2 CRF2 [affected]
- Version 10.97.3 [affected]
|
| © 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. |
CPE
REMEDIATION
EXPLOITS
Exploit-db.com
| id |
description |
date |
|
| No known exploits |
POC Github
Other Nist (github, ...)
CAPEC
Common Attack Pattern Enumerations and Classifications
| id |
description |
severity |
| No entry |
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
Discover this offer
