CVE-2023-5274

Sažetak

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.

Reference

https://jvn.jp/vu/JVNVU98760962/index.html
https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf

CVSS

Base:	4.7
Impact:	3.6
Exploitability:	1.0

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

05-12-2023 - 18:20

Objavljeno

30-11-2023 - 05:15