What is the vulnerability ID for this Mitsubishi Electric GX Works3 vulnerability?

The vulnerability ID for this Mitsubishi Electric GX Works3 vulnerability is CVE-2022-29827.

What is the severity of CVE-2022-29827?

The severity of CVE-2022-29827 is high, with a severity value of 7.5.

What is the affected software version range for CVE-2022-29827?

The affected software versions for CVE-2022-29827 are GX Works3 versions from 1.000A to 1.011M and versions from 1.015R to 1.086Q, including version 1.087R and later.

What is the impact of CVE-2022-29827?

CVE-2022-29827 allows a remote unauthenticated attacker to disclose sensitive information, resulting in the ability to view programs and project files or execute programs illegally.

Where can I find more information about CVE-2022-29827?

You can find more information about CVE-2022-29827 at the following references: [1] https://jvn.jp/vu/JVNVU97244961/index.html [2] https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05 [3] https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf

Vulnerability/
CVE-2022-29827

high

7.5

CWE

798 321

24/11/2022

3/8/2024

CVE-2022-29827

First published: Thu Nov 24 2022(Updated: )

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected Software	Affected Version	How to fix
Mitsubishielectric Gx Works3	>=1.000a<=1.011m
Mitsubishielectric Gx Works3	>=1.015r<=1.086q
Mitsubishielectric Gx Works3	>=1.087r





Mitsubishi Electric 1.096A and later (affected by CVE-2022-29827, CVE-2022-29828, CVE-2022-29832, CVE-2022-29833)
Mitsubishi Electric MX OPC UA Module Configurator-R: 1.08J and prior (affected by CVE-2022-25164)

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-22-333-05

Frequently Asked Questions

What is the vulnerability ID for this Mitsubishi Electric GX Works3 vulnerability?
The vulnerability ID for this Mitsubishi Electric GX Works3 vulnerability is CVE-2022-29827.
What is the severity of CVE-2022-29827?
The severity of CVE-2022-29827 is high, with a severity value of 7.5.
What is the affected software version range for CVE-2022-29827?
The affected software versions for CVE-2022-29827 are GX Works3 versions from 1.000A to 1.011M and versions from 1.015R to 1.086Q, including version 1.087R and later.
What is the impact of CVE-2022-29827?
CVE-2022-29827 allows a remote unauthenticated attacker to disclose sensitive information, resulting in the ability to view programs and project files or execute programs illegally.
Where can I find more information about CVE-2022-29827?
You can find more information about CVE-2022-29827 at the following references: [1] https://jvn.jp/vu/JVNVU97244961/index.html [2] https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05 [3] https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf

collector/nvd-index
agent/weakness
agent/type
agent/first-publish-date
agent/last-modified-date
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/severity
agent/references
agent/author
agent/tags
agent/description
agent/softwarecombine
agent/event
collector/mitre-cve
source/MITRE
vendor/mitsubishielectric
canonical/mitsubishielectric gx works3
version/mitsubishielectric gx works3/1.000a
version/mitsubishielectric gx works3/1.011m
version/mitsubishielectric gx works3/1.015r
version/mitsubishielectric gx works3/1.086q
version/mitsubishielectric gx works3/1.087r
vendor/mitsubishi electric
canonical/mitsubishi electric 1.096a and later (affected by cve-2022-29827, cve-2022-29828, cve-2022-29832, cve-2022-29833)
canonical/mitsubishi electric mx opc ua module configurator-r: 1.08j and prior (affected by cve-2022-25164)