CVE-2024-25088 | Mitsubishi Electric CPU Module Logging Configuration Tool privileges management (icsa-24-135-04)

A vulnerability, which was classified as critical, was found in Mitsubishi Electric CPU Module Logging Configuration Tool, CSGL, CW Configurator, Data Transfer, Data Transfer Classic, EZSocket, FR Configurator SW3, FR Configurator2, GENESIS64, GT Designer3, GT SoftGOT1000, GT SoftGOT2000, GX Developer, GX LogViewer, GX Works2, GX Works3, iQ Works, MI Configurator, Numerical Control Device Communication Software, MR Configurator, MR Configurator2, MRZJW3-MC2-UTL, MX Component, MX OPC Server DA UA, PX Developer Monitor Tool, RT ToolBox3, RT VisualBox, Monitoring tools for the C Controller Module, SW0DNC-MNETH-B, SW1DNC-CCBD2-B, SW1DNC-CCIEF-J, SW1DNC-CCIEF-B, SW1DNC-MNETG-B, SW1DNC-QSCCF-B and SW1DND-EMSDK-B. Affected is an unknown function. The manipulation leads to improper privilege management.

This vulnerability is traded as CVE-2024-25088. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-25088 | Mitsubishi Electric CPU Module Logging Configuration Tool privileges management (icsa-24-135-04)

Related Posts

CVE-2024-48910 | cure53 DOMPurify up to 2.4.1 prototype pollution

CVE-2024-22836 | Akaunting up to 3.1.3 Company Locale os command injection

CVE-2024-3165 | dotCMS 22.02 Dashboard log file (Issue 27910)

CVE-2024-35011 | idcCMS 1.35 infoType_deal.php cross-site request forgery