CVE-2023-5275

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.

Published: Nov 30, 2023
Updated: Dec 6, 2023
CVE: CVE-2023-5275
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.7
AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
mitsubishielectric / gx_works2	-	-

https://jvn.jp/vu/JVNVU98760962/index.html
https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf

Vulnerability Database

289,871

CVE-2023-5275