ICSA-23-331-03 · Published 2023-11-28 · View on CISA ICS-CERT ↗

Mitsubishi Electric GX Works2

CVSS 2.9 LOW

Risk Summary

Successful exploitation of these vulnerabilities could allow a Denial-of-service (DoS) due to improper input validation in the simulation function of GX Works2 by sending specially crafted packets.

CVEs (2)

CVE-2023-5274 CVE-2023-5275

Remediations

Mitsubishi Electric recommends that customers take the following mitigation measures to minimize the risk of exploiting this vulnerability:
For more information, see the Mitsubishi security advisory.

Affected Vendors

Mitsubishi Electric Corporation

Affected Products (1)

Mitsubishi Electric Corporation · GX Works2 vers:all/*

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more