Vulnerability CVE-2017-9634


Published: 2018-04-17

Description:
Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.

Type:

CWE-787

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Mitsubishielectric -> E-designer 

 References:
http://www.securityfocus.com/bid/100097
https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01

Copyright 2024, cxsecurity.com

 

Back to Top