Vulnerability Details CVE-2023-5247
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.2%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2023-5247
-
cpe:2.3:a:mitsubishielectric:gx_works3:-
-
cpe:2.3:a:mitsubishielectric:gx_works3:1.060n
-
cpe:2.3:a:mitsubishielectric:gx_works3:1.063r
-
cpe:2.3:a:mitsubishielectric:gx_works3:1.065t
-
cpe:2.3:a:mitsubishielectric:gx_works3:1.070y
-
cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:-
-
cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:1.14q
-
cpe:2.3:a:mitsubishielectric:melsoft_iq_appportal:1.17t
-
cpe:2.3:a:mitsubishielectric:melsoft_navigator:-
-
cpe:2.3:a:mitsubishielectric:melsoft_navigator:1.04e
-
cpe:2.3:a:mitsubishielectric:melsoft_navigator:2.62q
-
cpe:2.3:a:mitsubishielectric:melsoft_navigator:2.70y
-
cpe:2.3:a:mitsubishielectric:melsoft_navigator:2.74c
-
cpe:2.3:a:mitsubishielectric:motion_control_setting:-
-
cpe:2.3:a:mitsubishielectric:motion_control_setting:1.005f
-
cpe:2.3:a:mitsubishielectric:motion_control_setting:1.006g