CVE-2022-33317
First published: Wed Jul 20 2022(Updated: )
Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes.
Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ICONICS GENESIS64 | =10.97 | |
| ICONICS GENESIS64 | =10.97.1 | |
| Mitsubishielectric Mc Works64 | <=10.95.210.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-33317?
CVE-2022-33317 is a vulnerability that allows an unauthenticated attacker to execute arbitrary malicious code in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior.
What is the severity of CVE-2022-33317?
The severity of CVE-2022-33317 is high, with a CVSS score of 7.8.
How does CVE-2022-33317 affect ICONICS GENESIS64?
CVE-2022-33317 affects ICONICS GENESIS64 versions 10.97.1 and prior.
How does CVE-2022-33317 affect Mitsubishi Electric MC Works64?
CVE-2022-33317 affects Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior.
How can I fix CVE-2022-33317?
To fix CVE-2022-33317, update to a version of ICONICS GENESIS64 later than 10.97.1 or update to a version of Mitsubishi Electric MC Works64 later than 4.04E (10.95.210.01).
- collector/nvd-index
- vendor/iconics
- canonical/iconics genesis64
- version/iconics genesis64/10.97
- version/iconics genesis64/10.97.1
- vendor/mitsubishielectric
- canonical/mitsubishielectric mc works64
- version/mitsubishielectric mc works64/10.95.210.01