216.73.216.233

CVE-2024-7587

· Published 23/10/2024 01:15 · Modified 09/01/2026 07:41 · Author: The MITRE Corporation

Labels: CVE-2024-7587 2024-10-22CVE-2024-7587CWE-276[email protected]

Essential information

Published
23/10/2024 01:15
Modified
09/01/2026 07:41
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/C:H/I:H/A:H

CVSS metrics

Description

Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 versions 9.70.300.23 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.70.300.23 and prior, and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorrect permissions, when GenBroker32 is installed on the same PC as GENESIS64, ICONICS Suite, MC Works64, or GENESIS32.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
iconics / genesis64 cpe:2.3:a:iconics:genesis64:*:*:*:*:*:*:*:*
mitsubishielectric / mc works64 cpe:2.3:a:mitsubishielectric:mc_works64:-:*:*:*:*:*:*:*

References

Related entities

Attack reports, intrusion sets, malwares, attack patterns and indicators linked to this vulnerability.

Attack reports (4)