CVE-2024-26314

EUVD-2024-23584
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
jungowindriver
6.0.0 ≤
𝑥
< 16.2.0
mitsubishielectriccpu_module_logging_configuration_tool
*
mitsubishielectriccw_configurator
*
mitsubishielectricdata_transfer
*
mitsubishielectricdata_transfer_classic
*
mitsubishielectricezsocket
*
mitsubishielectricfr_configurator_sw3
*
mitsubishielectricfr_configurator2
*
mitsubishielectricgenesis64
*
mitsubishielectricgt_got1000
*
mitsubishielectricgt_got2000
*
mitsubishielectricgt_softgot1000
*
mitsubishielectricgt_softgot2000
*
mitsubishielectricgx_developer
*
mitsubishielectricgx_logviewer
*
mitsubishielectricgx_works2
*
mitsubishielectricgx_works3
*
mitsubishielectriciq_works
*
mitsubishielectricmi_configurator
*
mitsubishielectricmr_configurator
*
mitsubishielectricmr_configurator2
*
mitsubishielectricmx_component
*
mitsubishielectricmx_opc_server_da\/ua
*
mitsubishielectricnumerical_control_device_communication
*
mitsubishielectricpx_developer\/monitor_tool
*
mitsubishielectricrt_toolbox3
*
mitsubishielectricrt_visualbox
*
mitsubishielectricmrzjw3-mc2-utl_firmware
*
mitsubishielectricsw0dnc-mneth-b_firmware
*
mitsubishielectricsw1dnc-ccbd2-b_firmware
*
mitsubishielectricsw1dnc-ccief-j_firmware
*
mitsubishielectricsw1dnc-ccief-b_firmware
*
mitsubishielectricsw1dnc-mnetg-b_firmware
*
mitsubishielectricsw1dnc-qsccf-b_firmware
*
mitsubishielectricsw1dnd-emsdk-b_firmware
*
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
mitsubishielectriccpu_module_logging_configuration_tool
𝑥
< *
ADP
mitsubishielectricgx_works2
𝑥
< *
ADP
mitsubishielectriccw_configurator
𝑥
< *
ADP
mitsubishielectricdata_transfer
𝑥
< *
ADP
mitsubishielectricezsocket
𝑥
< *
ADP
mitsubishielectricfr_configurator_sw3
𝑥
< *
ADP
mitsubishielectricfr_configurator2
𝑥
< *
ADP
iconicsgenesis64
𝑥
< *
ADP
mitsubishielectricgt_designer3
𝑥
< *
ADP
mitsubishielectricgt_softgot1000
𝑥
< *
ADP
mitsubishielectricgt_softgot2000
𝑥
< *
ADP
mitsubishielectricgx_developer
𝑥
< *
ADP
mitsubishielectricgx_logviewer
𝑥
< *
ADP
mitsubishielectricgx_works2
𝑥
< *
ADP
mitsubishielectricgx_works3
𝑥
< *
ADP
mitsubishielectricmelsoft_navigator
𝑥
< *
ADP
mitsubishielectricmi_configurator
𝑥
< *
ADP
mitsubishielectricfcsb1224
𝑥
< *
ADP
mitsubishielectricmr_configurator2
𝑥
< *
ADP
mitsubishielectricmrzjw3-mc2-utl
𝑥
< *
ADP
mitsubishielectricmx_component
𝑥
< *
ADP
mitsubishielectricmx_opc_server_da\/ua
𝑥
< *
ADP
mitsubishielectricpx_developer
𝑥
< *
ADP
mitsubishielectricrt_toolbox3
𝑥
< *
ADP
mitsubishielectricrt_visualbox
𝑥
< *
ADP
mitsubishielectricc_controller_module_setting_and_monitoring_tool
𝑥
< *
ADP
mitsubishielectricsw0dnc-mneth-b
𝑥
< *
ADP
mitsubishielectricsw1dnc-ccbd2-b
𝑥
< *
ADP
mitsubishielectricsw1dnc-ccief-j
𝑥
< *
ADP
mitsubishielectricsw1dnc-ccief-b
𝑥
< *
ADP
mitsubishielectricsw1dnc-mnetg-b
𝑥
< *
ADP
mitsubishielectricsw1dnc-qsccf-b
𝑥
< *
ADP
mitsubishielectricsw1dnd-emsdk-b
𝑥
< *
ADP
Common Weakness Enumeration
References
https://jungo.com/windriver/versions/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf
https://jungo.com/windriver/versions/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf