ГлавнаяУязвимости → CVE-2024-22106
7.8высокая

CVE-2024-22106

Описание

Improper privilege management in Jungo WinDriver before 12.5.1 allows local attackers to escalate privileges, execute arbitrary code, or cause a Denial of Service (DoS).

Затрагиваемое ПО
Jungo WindriverMitsubishielectric Cpu module logging configuration toolMitsubishielectric Cw configuratorMitsubishielectric Data transferMitsubishielectric Data transfer classicMitsubishielectric EzsocketMitsubishielectric Fr configurator sw3Mitsubishielectric Fr configurator2Mitsubishielectric Genesis64Mitsubishielectric Gt got1000Mitsubishielectric Gt got2000Mitsubishielectric Gt softgot1000Mitsubishielectric Gt softgot2000Mitsubishielectric Gx developerMitsubishielectric Gx logviewerMitsubishielectric Gx works2Mitsubishielectric Gx works3Mitsubishielectric Iq worksMitsubishielectric Mi configuratorMitsubishielectric Mr configuratorMitsubishielectric Mr configurator2Mitsubishielectric Mx componentMitsubishielectric Mx opc server da\/uaMitsubishielectric Numerical control device communicationMitsubishielectric Px developer\/monitor tool
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://jungo.com/windriver/versions/https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdfhttps://jungo.com/windriver/versions/https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf