CVE-2024-22103 | Mitsubishi Electric CPU Module Logging Configuration Tool out-of-bounds write (icsa-24-135-04)

A vulnerability was found in Mitsubishi Electric CPU Module Logging Configuration Tool, CSGL, CW Configurator, Data Transfer, Data Transfer Classic, EZSocket, FR Configurator SW3, FR Configurator2, GENESIS64, GT Designer3, GT SoftGOT1000, GT SoftGOT2000, GX Developer, GX LogViewer, GX Works2, GX Works3, iQ Works, MI Configurator, Numerical Control Device Communication Software, MR Configurator, MR Configurator2, MRZJW3-MC2-UTL, MX Component, MX OPC Server DA UA, PX Developer Monitor Tool, RT ToolBox3, RT VisualBox, Monitoring tools for the C Controller Module, SW0DNC-MNETH-B, SW1DNC-CCBD2-B, SW1DNC-CCIEF-J, SW1DNC-CCIEF-B, SW1DNC-MNETG-B, SW1DNC-QSCCF-B and SW1DND-EMSDK-B. It has been classified as critical. Affected is an unknown function. The manipulation leads to out-of-bounds write.

This vulnerability is traded as CVE-2024-22103. It is possible to launch the attack on the local host. There is no exploit available.

CVE-2024-22103 | Mitsubishi Electric CPU Module Logging Configuration Tool out-of-bounds write (icsa-24-135-04)

Post correlati

CVE-2023-52454 | Linux Kernel up to 6.7.1 nvmet-tcp nvmet_tcp_build_pdu_iovec null pointer dereference

CVE-2024-36444 | Swissphone DiCal-RED 2.cgi Log cgi-bin/fdmcgiwebv2.cgi information disclosure (SYSS-2024-040)

CVE-2023-51771 | starnight MicroHttpServer up to a8ab029 URI lib/server.c _ParseHeader buffer overflow

CVE-2024-45113 | Adobe ColdFusion up to 2021.12/2023.6 improper authentication (apsb24-14)