What is the severity of CVE-2024-8299?

CVE-2024-8299 is classified as a high-severity vulnerability due to its potential for local code execution by an authenticated attacker.

How do I fix CVE-2024-8299?

To mitigate CVE-2024-8299, ensure that all software versions of ICONICS GENESIS64, Mitsubishi Electric GENESIS64, and Mitsubishi Electric MC Works64 are updated to the latest patched versions provided by the vendors.

Who is affected by CVE-2024-8299?

CVE-2024-8299 affects all versions of ICONICS GENESIS64 and Mitsubishi Electric GENESIS64 and MC Works64.

What type of attack does CVE-2024-8299 facilitate?

CVE-2024-8299 facilitates a local authenticated attack that allows the execution of malicious code through a specially crafted DLL.

Is user authentication required to exploit CVE-2024-8299?

Yes, an attacker must have local authenticated access to exploit CVE-2024-8299.

Vulnerability/
CVE-2024-8299

high

7.8

CWE

427

28/11/2024

6/12/2024

CVE-2024-8299: Malicious Code Execution Vulnerability in GENESIS64 and MC Works64

First published: Thu Nov 28 2024(Updated: )

Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected Software	Affected Version	How to fix
GENESIS64 AlarmWorX Multimedia	<=
ICONICS GENESIS64	<=
Mitsubishi Electric MC-WORX Suite	<=

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-8299?
CVE-2024-8299 is classified as a high-severity vulnerability due to its potential for local code execution by an authenticated attacker.
How do I fix CVE-2024-8299?
To mitigate CVE-2024-8299, ensure that all software versions of ICONICS GENESIS64, Mitsubishi Electric GENESIS64, and Mitsubishi Electric MC Works64 are updated to the latest patched versions provided by the vendors.
Who is affected by CVE-2024-8299?
CVE-2024-8299 affects all versions of ICONICS GENESIS64 and Mitsubishi Electric GENESIS64 and MC Works64.
What type of attack does CVE-2024-8299 facilitate?
CVE-2024-8299 facilitates a local authenticated attack that allows the execution of malicious code through a specially crafted DLL.
Is user authentication required to exploit CVE-2024-8299?
Yes, an attacker must have local authenticated access to exploit CVE-2024-8299.

agent/title
agent/weakness
agent/first-publish-date
agent/description
agent/type
agent/author
agent/severity
agent/event
collector/nvd-api
source/NVD
agent/references
agent/last-modified-date
collector/mitre-cve
source/MITRE
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/iconics
canonical/genesis64 alarmworx multimedia
vendor/mitsubishi electric
canonical/iconics genesis64
canonical/mitsubishi electric mc-worx suite

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.