CVE-2024-1574
CVSS V2 None
CVSS V3 None
Description
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in the licensing feature of ICONICS GENESIS64 versions 10.97 to 10.97.2, Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.2 and Mitsubishi Electric MC Works64 all versions allows a local attacker to execute a malicious code with administrative privileges by tampering with a specific file that is not protected by the system.
Overview
- CVE ID
- CVE-2024-1574
- Assigner
- Mitsubishi
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-04T09:02:35.260Z
- Last Modified Date
- 2024-07-04T09:02:35.260Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-004_en.pdf | vendor-advisory |
| https://jvn.jp/vu/JVNVU98894016/ | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-03 | government-resource |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-1574 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1574 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-05 13:03:56 | Added to TrackCVE |