CVE-2020-14496

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.3 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
icscertCNA
8.3 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
mitsubishielectriccpu_module_logging_configuration_tool
𝑥
< 1.106k
mitsubishielectriccw_configurator
𝑥
< 1.011m
mitsubishielectricdata_transfer
𝑥
< 3.41t
mitsubishielectricem_configurator
𝑥
< 1.015r
mitsubishielectricezsocket
𝑥
< 4.6
mitsubishielectricfr_configurator2
𝑥
< 1.23z
mitsubishielectricgt_designer3
𝑥
< 1.236w
mitsubishielectricgt_softgot1000
𝑥
< 3.245f
mitsubishielectricgt_softgot2000
𝑥
< 1.236w
mitsubishielectricgx_logviewer
𝑥
< 1.106k
mitsubishielectricgx_works2
𝑥
< 1.595v
mitsubishielectricgx_works3
𝑥
< 1.065t
mitsubishielectricm_commdtm-hart
𝑥
< 1.01b
mitsubishielectricm_commdtm-io-link
𝑥
< 1.04e
mitsubishielectricmelfa-works
𝑥
< 4.4
mitsubishielectricmelsoft_fielddeviceconfigurator
𝑥
< 1.04e
mitsubishielectricmelsoft_navigator
𝑥
< 2.70y
mitsubishielectricmh11_settingtool_version2
𝑥
< 2.003d
mitsubishielectricmotorizer
𝑥
< 1.010l
mitsubishielectricmr_configurator2
𝑥
< 1.106l
mitsubishielectricmt_works2
𝑥
< 1.160s
mitsubishielectricmx_component
𝑥
< 4.20w
mitsubishielectricnetwork_interface_board_cc-link_ver.2_utility
𝑥
< 1.24a
mitsubishielectricnetwork_interface_board_cc_ie_control_utility
𝑥
< 1.30g
mitsubishielectricnetwork_interface_board_cc_ie_field_utility
𝑥
< 1.17t
mitsubishielectricnetwork_interface_board_mneth_utility
𝑥
< 35m
mitsubishielectricpx_developer
𝑥
< 1.53f
mitsubishielectricrt_toolbox2
𝑥
< 3.73b
mitsubishielectricrt_toolbox3
𝑥
< 1.80j
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-02
https://www.cisa.gov/uscert/ics/advisories/icsa-20-212-02