ICSA-13-140-01
·
Published 2025-06-25
·
View on CISA ICS-CERT ↗
Mitsubishi Electric Automation MX Component V3 ActiveX Vulnerability
CVSS 10.0
CRITICAL
CVEs (1)
Remediations
- Mitsubishi recommends upgrading to the latest version (MX Component 4.03) that is not affected by this vulnerability. Customers can contact Mitsubishi-Automation Service and Support, (http://www.mitsubishi-automation.com/service/support.html), Web site last accessed May 20, 2013. support and service for more information.
- CitectFacilities and CitectSCADA only distributed a trial version of Mitsubishi MX Component Version 3 as complimentary software, which is not installed by default. It is not licensed by Schneider Electric. Schneider Electric has released a security notification Important security notification - possible vulnerability within Mitsubishi MX Component Version 3 distributed by CitectFacilities, (http://www.citect.schneider-electric.com/security-mitsubishi), Web site last accessed May 20, 2013. for CitectFacilities and CitectSCADA products that distributed a complimentary trial version of Mitsubishi MX Component Version 3.
Affected Vendors
Mitsubishi Electric
Affected Products (3)
Mitsubishi Electric
·
Automation MX Component
3
Mitsubishi Electric
·
CitectFacilities
<=v7.10
Mitsubishi Electric
·
CitectSCADA
<=v7.0
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more