CVE-2024-1182 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-1182 PUBLISHED CVSS 7 HIGH

Uncontrolled Search Path Element vulnerability in Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions, Mitsubishi Electric ICONICS Suite all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric GENESIS32 all versions, and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute a malicious code by storing a specially crafted DLL in a specific folder when GENESIS64, ICONICS Suite, GENESIS32, and MC Works64 are installed with the Pager agent in the alarm multi-agent notification feature.

EPSS 0.06% · 18.2th percentile

Risk Scores

CVSS v3.1

7

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.06%

18.2th percentile

Affected Products

Vendor	Product	Versions
Mitsubishi Electric Iconics Digital Solutions	GENESIS32	all versions
Mitsubishi Electric Corporation	ICONICS Suite	all versions
iconics	genesis64	0
Mitsubishi Electric Corporation	MC Works64	all versions
Mitsubishi Electric Corporation	GENESIS64	all versions
mitsubishielectric	mc_works64	0
Mitsubishi Electric Iconics Digital Solutions	ICONICS Suite	all versions
Mitsubishi Electric Iconics Digital Solutions	GENESIS64	all versions
Mitsubishi Electric Corporation	GENESIS32	all versions

Timeline

Jul 4, 2024 CVE Published
Jul 5, 2024 EPSS Score
Jul 26, 2024 EPSS Score
Aug 21, 2024 EPSS Score
Sep 11, 2024 EPSS Score
Oct 3, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 24, 2024 EPSS Score
Nov 15, 2024 EPSS Score
Dec 7, 2024 EPSS Score
Dec 29, 2024 EPSS Score
Jan 19, 2025 EPSS Score

References

Open in Interactive Console →