Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 and Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
History

Fri, 06 Dec 2024 05:45:00 +0000

Type Values Removed Values Added
References

Fri, 29 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Iconics
Iconics genesis64
Mitsubishielectric
Mitsubishielectric genesis64
CPEs cpe:2.3:a:iconics:genesis64:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*
Vendors & Products Iconics
Iconics genesis64
Mitsubishielectric
Mitsubishielectric genesis64
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 28 Nov 2024 22:45:00 +0000

Type Values Removed Values Added
Description Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 and Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
Title Malicious Code Execution Vulnerability in GENESIS64
Weaknesses CWE-561
References
Metrics cvssV3_1

{'score': 7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Mitsubishi

Published: 2024-11-28T22:18:28.358Z

Updated: 2024-12-06T05:21:38.917Z

Reserved: 2024-08-29T06:26:41.397Z

Link: CVE-2024-8300

cve-icon Vulnrichment

Updated: 2024-11-29T18:53:17.308Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-28T23:15:04.743

Modified: 2024-12-06T06:15:23.070

Link: CVE-2024-8300

cve-icon Redhat

No data.