Vulnerability Description
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitsubishielectric | Gx Works2 | All versions |
Related Weaknesses (CWE)
References
- https://jvn.jp/vu/JVNVU98760962/index.htmlThird Party Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03Third Party AdvisoryUS Government Resource
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdfVendor Advisory
- https://jvn.jp/vu/JVNVU98760962/index.htmlThird Party Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03Third Party AdvisoryUS Government Resource
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdfVendor Advisory
FAQ
What is CVE-2023-5274?
CVE-2023-5274 is a vulnerability with a CVSS score of 2.5 (LOW). Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. Howeve...
How severe is CVE-2023-5274?
CVE-2023-5274 has been rated LOW with a CVSS base score of 2.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-5274?
Check the references section above for vendor advisories and patch information. Affected products include: Mitsubishielectric Gx Works2.