CVE-2020-12011
First published: Thu Jul 16 2020(Updated: )
A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; GenBroker32 version 9.5 and prior.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitsubishielectric Mc Works | <=10.95.208.31 | |
| Mitsubishielectric Mc Works32 | =9.50.255.02 | |
| Iconics Energy Analytix | ||
| Iconics Facility Analytix | ||
| ICONICS GENESIS64 | ||
| ICONICS Hyper Historian | ||
| ICONICS MobileHMI | ||
| Iconics Quality Analytix | ||
| Iconics Smart Energy Analytix | ||
| ICONICS BizViz | ||
| ICONICS GENESIS32 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-12011?
CVE-2020-12011 is a vulnerability that allows for denial-of-service attacks and remote code execution in Mitsubishi Electric MC Works64 and MC Works32, as well as ICONICS software.
What is the severity of CVE-2020-12011?
The severity of CVE-2020-12011 is rated as critical with a CVSS score of 9.8.
Which software versions are affected by CVE-2020-12011?
Mitsubishi Electric MC Works64 versions 4.02C and earlier, MC Works32 version 3.00A, and various ICONICS software versions are affected by CVE-2020-12011.
How can CVE-2020-12011 be exploited?
CVE-2020-12011 can be exploited by sending a specially crafted communication packet to the affected systems, leading to a denial-of-service condition or allowing remote code execution.
Where can I find more information about CVE-2020-12011?
More information about CVE-2020-12011 can be found on the official US-CERT ICS advisories: [ICS-20-170-02](https://us-cert.cisa.gov/ics/advisories/icsa-20-170-02) and [ICS-20-170-03](https://us-cert.cisa.gov/ics/advisories/icsa-20-170-03).
- collector/nvd-index
- agent/weakness
- agent/description
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- vendor/mitsubishielectric
- canonical/mitsubishielectric mc works
- version/mitsubishielectric mc works/10.95.208.31
- canonical/mitsubishielectric mc works32
- version/mitsubishielectric mc works32/9.50.255.02
- vendor/iconics
- canonical/iconics energy analytix
- canonical/iconics facility analytix
- canonical/iconics genesis64
- canonical/iconics hyper historian
- canonical/iconics mobilehmi
- canonical/iconics quality analytix
- canonical/iconics smart energy analytix
- canonical/iconics bizviz
- canonical/iconics genesis32