CVE-2024-25086: Code Injection
First published: Tue Jul 02 2024(Updated: )
Improper privilege management in Jungo WinDriver before 12.2.0 allows local attackers to escalate privileges and execute arbitrary code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jungo WinDriver | <12.2.0 | |
| Mitsubishi Electric CPU Module Logging Configuration Tool | ||
| Mitsubishi Electric CW Configurator | ||
| Mitsubishi Electric Data Transfer | ||
| Mitsubishi Electric Data Transfer Classic | ||
| Mitsubishi Electric EZSocket | ||
| Mitsubishi Electric FR Configurator SW3 | ||
| Mitsubishi Electric FR Configurator2 Firmware | ||
| Mitsubishi Electric GENESIS64 | ||
| Mitsubishi Electric GT SoftGOT1000 | ||
| Mitsubishielectric GOT2000 | ||
| Mitsubishi Electric GT SoftGOT1000 | ||
| Mitsubishi Electric GT SoftGOT2000 | ||
| Mitsubishi Electric GX Developer | ||
| Mitsubishi Electric GX LogViewer | ||
| Mitsubishi Electric GX Works2 | ||
| Mitsubishi Electric GX Works3 | ||
| Mitsubishi Electric Iq Works | ||
| Mitsubishi Electric MI Configurator | ||
| Mitsubishi Electric MR Configurator | ||
| Mitsubishi Electric MR Configurator2 | ||
| Mitsubishi Electric MX Component | ||
| Mitsubishi Electric MX OPC Server DA/UA | ||
| Mitsubishi Electric Numerical Control Device Communication | ||
| Mitsubishi Electric PX Developer/Monitor Tool | ||
| Mitsubishi Electric RT Toolbox 3 | ||
| Mitsubishi Electric RT VisualBox | ||
| All of | ||
| Mitsubishi Electric MRZJW3-MC2-UTL | ||
| Mitsubishi Electric MRZJW3-MC2-UTL | ||
| All of | ||
| Mitsubishi Electric SW0DNC-MNETH-B Firmware | ||
| Mitsubishi Electric SW0DNC-MNETH-B Firmware | ||
| All of | ||
| Mitsubishi Electric SW1DNC-CCBD2-B | ||
| Mitsubishi Electric SW1DNC-CCBD2-B | ||
| All of | ||
| Mitsubishi Electric SW1DNC-CCIEF-J | ||
| Mitsubishi Electric SW1DNC-CCIEF-J | ||
| All of | ||
| Mitsubishi Electric SW1DNC-CCIEF-B Firmware | ||
| Mitsubishi Electric SW1DNC-CCIEF-B Firmware | ||
| All of | ||
| Mitsubishi Electric SW1DNC-MNETG-B Firmware | ||
| Mitsubishi Electric SW1DNC-MNETG-B Firmware | ||
| All of | ||
| Mitsubishi Electric SW1DNC-QSCCF-B | ||
| Mitsubishi Electric SW1DNC-QSCCF-B | ||
| All of | ||
| Mitsubishi Electric SW1DND-EMSDK-B | ||
| Mitsubishi Electric SW1DND-EMSDK-B |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-25086?
CVE-2024-25086 is classified with a high severity due to its potential for privilege escalation and arbitrary code execution.
What are the potential impacts of CVE-2024-25086?
The impact of CVE-2024-25086 includes unauthorized access and control over the affected systems, leading to security breaches.
How do I fix CVE-2024-25086?
To resolve CVE-2024-25086, users should update to Jungo WinDriver version 12.2.0 or later.
Which software is affected by CVE-2024-25086?
CVE-2024-25086 affects Jungo WinDriver versions prior to 12.2.0 and multiple Mitsubishi Electric software products.
Who is at risk of CVE-2024-25086?
Local attackers with access to the affected systems are at risk of exploiting CVE-2024-25086.
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- agent/severity
- agent/description
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/jungo
- canonical/jungo windriver
- vendor/mitsubishielectric
- canonical/mitsubishi electric cpu module logging configuration tool
- canonical/mitsubishi electric cw configurator
- canonical/mitsubishi electric data transfer
- canonical/mitsubishi electric data transfer classic
- canonical/mitsubishi electric ezsocket
- canonical/mitsubishi electric fr configurator sw3
- canonical/mitsubishi electric fr configurator2 firmware
- canonical/mitsubishi electric genesis64
- canonical/mitsubishi electric gt softgot1000
- canonical/mitsubishielectric got2000
- canonical/mitsubishi electric gt softgot2000
- canonical/mitsubishi electric gx developer
- canonical/mitsubishi electric gx logviewer
- canonical/mitsubishi electric gx works2
- canonical/mitsubishi electric gx works3
- canonical/mitsubishi electric iq works
- canonical/mitsubishi electric mi configurator
- canonical/mitsubishi electric mr configurator
- canonical/mitsubishi electric mr configurator2
- canonical/mitsubishi electric mx component
- canonical/mitsubishi electric mx opc server da/ua
- canonical/mitsubishi electric numerical control device communication
- canonical/mitsubishi electric px developer/monitor tool
- canonical/mitsubishi electric rt toolbox 3
- canonical/mitsubishi electric rt visualbox
- canonical/mitsubishi electric mrzjw3-mc2-utl
- canonical/mitsubishi electric sw0dnc-mneth-b firmware
- canonical/mitsubishi electric sw1dnc-ccbd2-b
- canonical/mitsubishi electric sw1dnc-ccief-j
- canonical/mitsubishi electric sw1dnc-ccief-b firmware
- canonical/mitsubishi electric sw1dnc-mnetg-b firmware
- canonical/mitsubishi electric sw1dnc-qsccf-b
- canonical/mitsubishi electric sw1dnd-emsdk-b