← Back to home
ICSA-22-202-04  ·  Published 2026-02-24  ·  View on CISA ICS-CERT ↗

ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)

CVSS 9.8 CRITICAL

CVEs (7)

Remediations

  • For Users using GENESIS64 and ICONICS Suite Version 10.97.1, please download and update to "10.97.1 Critical Fixes Rollup 3" from the ICONICS Community Portal (https://iconicsinc.my.site.com/community/s/software-update/a355a000003WwejAAC/10971-critical-fixes-rollup-3), a web site operated by ICONICS. To download it, you need to create an account on this site and then enter a Support WorX Plan Number described in "SupportWorX License Information", which is shipped with the product.
  • For Users using GENESIS64 and ICONICS Suite Version 10.97, please download and update to "10.97 Critical Fixes Rollup 4" from the ICONICS Community Portal (https://iconicsinc.my.site.com/community/s/software-update/a355a000003O4zLAAS/1097-critical-fixes-rollup-4), a web site operated by ICONICS. To download it, you need to create an account on this site and then enter a Support WorX Plan Number described in "SupportWorX License Information", which is shipped with the product.
  • Additional information and useful links are found on Mitsubishi Electric's security advisory.
  • Additional information and useful links are found on the ICONICS GENESIS64 security updates page.
  • For customers of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends locating control system networks and devices behind firewalls and isolate them from untrusted networks and hosts, to minimize the risk of exploiting this vulnerability.
  • For customers of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends avoiding clicking on web links in e-mails from unreliable sources, and avoiding opening attachments to untrusted emails, to minimize the risk of exploiting this vulnerability.
  • There are no plans to release a security update for MC Works64. Please refer to the Mitsubishi Electric security advisory and take the actions mentioned there.
  • For customers of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends avoiding clicking on web links in e-mails from unreliable sources. Also, do not open attachments to untrusted emails, to minimize the risk of exploiting this vulnerability.
  • There are no plans to release a security update for GENESIS32. Please refer to the Mitsubishi Electric security advisory and take the actions mentioned there.

Affected Vendors

Mitsubishi Electric Mitsubishi Electric Iconics Digital Solutions

Affected Products (7)

Mitsubishi Electric · GENESIS64 >=10.97|<=10.97.1
Mitsubishi Electric · ICONICS Suite >=10.97|<=10.97.1
Mitsubishi Electric · MC Works64 <=4.04E
Mitsubishi Electric · GENESIS32 <=9.7
Mitsubishi Electric Iconics Digital Solutions · GENESIS64 >=10.97|<=10.97.1
Mitsubishi Electric Iconics Digital Solutions · ICONICS Suite >=10.97|<=10.97.1
Mitsubishi Electric Iconics Digital Solutions · GENESIS32 <=9.7

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more