CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-40264

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.4%

CVSS Severity

CVSS v3 Score 6.3

References

Products affected by CVE-2022-40264

Iconics » Genesis64 » Version: 10.96

cpe:2.3:a:iconics:genesis64:10.96
Iconics » Genesis64 » Version: 10.96.1

cpe:2.3:a:iconics:genesis64:10.96.1
Iconics » Genesis64 » Version: 10.96.2

cpe:2.3:a:iconics:genesis64:10.96.2
Iconics » Genesis64 » Version: 10.97

cpe:2.3:a:iconics:genesis64:10.97
Iconics » Genesis64 » Version: 10.97.1

cpe:2.3:a:iconics:genesis64:10.97.1
Iconics » Genesis64 » Version: 10.97.2

cpe:2.3:a:iconics:genesis64:10.97.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-40264

Products

Pricing

Contact Us