First published: Thu Jul 16 2020(Updated: )
A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; GenBroker32 version 9.5 and prior.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Mitsubishielectric Mc Works | <=10.95.208.31 | |
Mitsubishielectric Mc Works32 | =9.50.255.02 | |
Iconics Energy Analytix | ||
Iconics Facility Analytix | ||
ICONICS GENESIS64 | ||
ICONICS Hyper Historian | ||
ICONICS MobileHMI | ||
Iconics Quality Analytix | ||
Iconics Smart Energy Analytix | ||
ICONICS BizViz | ||
ICONICS GENESIS32 | ||
ICONICS GENESIS64 | ||
ICONICS Hyper Historian | ||
ICONICS AnalytiX | ||
ICONICS MobileHMI | ||
Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions | ||
Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-12011 is a vulnerability that allows for denial-of-service attacks and remote code execution in Mitsubishi Electric MC Works64 and MC Works32, as well as ICONICS software.
The severity of CVE-2020-12011 is rated as critical with a CVSS score of 9.8.
Mitsubishi Electric MC Works64 versions 4.02C and earlier, MC Works32 version 3.00A, and various ICONICS software versions are affected by CVE-2020-12011.
CVE-2020-12011 can be exploited by sending a specially crafted communication packet to the affected systems, leading to a denial-of-service condition or allowing remote code execution.
More information about CVE-2020-12011 can be found on the official US-CERT ICS advisories: [ICS-20-170-02](https://us-cert.cisa.gov/ics/advisories/icsa-20-170-02) and [ICS-20-170-03](https://us-cert.cisa.gov/ics/advisories/icsa-20-170-03).