CVE-2023-5275: Input Validation
First published: Tue Nov 21 2023(Updated: )
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.
Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitsubishielectric Gx Works2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-5275?
CVE-2023-5275 is an Improper Input Validation vulnerability in the simulation function of GX Works2, which allows an attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets.
How severe is CVE-2023-5275?
CVE-2023-5275 has a severity rating of 4.7, which is considered medium.
What is the affected software?
The affected software is Mitsubishi Electric GX Works2.
How can an attacker exploit CVE-2023-5275?
An attacker can exploit CVE-2023-5275 by sending specially crafted packets from within the same personal computer where the function is running.
Are there any fixes or patches available for CVE-2023-5275?
For information regarding fixes or patches for CVE-2023-5275, please refer to the official advisories provided by Mitsubishi Electric and CISA.
- collector/mitre-cve
- collector/nvd-api
- agent/severity
- agent/references
- agent/author
- agent/type
- vendor/mitsubishielectric
- canonical/mitsubishielectric gx works2