CVE-2022-33318
First published: Wed Jul 20 2022(Updated: )
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64 server.
Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ICONICS GENESIS64 | =10.97 | |
| ICONICS GENESIS64 | =10.97.1 | |
| Mitsubishielectric Mc Works64 | <=10.95.210.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-33318?
The severity of CVE-2022-33318 is critical.
How does CVE-2022-33318 affect ICONICS GENESIS64?
CVE-2022-33318 affects ICONICS GENESIS64 versions 10.97.1 and prior.
How does CVE-2022-33318 affect Mitsubishi Electric MC Works64?
CVE-2022-33318 affects Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior.
How can an attacker exploit CVE-2022-33318?
An attacker can exploit CVE-2022-33318 by sending specially crafted packets to the GENESIS64 or MC Works64 system.
Is there a fix available for CVE-2022-33318?
Yes, patches and updates are available to fix CVE-2022-33318. Please refer to the vendor's advisory for more information.
- collector/nvd-index
- vendor/iconics
- canonical/iconics genesis64
- version/iconics genesis64/10.97
- version/iconics genesis64/10.97.1
- vendor/mitsubishielectric
- canonical/mitsubishielectric mc works64
- version/mitsubishielectric mc works64/10.95.210.01