Every CVE whose affected-product data names Iconics Genesis64, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2020-12007 — CVSS 9.8 (critical): A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition…
CVE-2022-23128 — CVSS 9.8 (critical): Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01)…
CVE-2020-12011 — CVSS 9.8 (critical): A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code…
CVE-2022-33318 — CVSS 9.8 (critical): Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics…
CVE-2020-12013 — CVSS 9.1 (critical): A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects…
CVE-2022-33319 — CVSS 8.2 (high): Out-of-bounds Read vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions…
CVE-2024-7587 — CVSS 7.8 (high): Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for Mitsubishi Electric GENESIS64 versions…
CVE-2021-27041 — CVSS 7.8 (high): A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be…
CVE-2022-33315 — CVSS 7.8 (high): Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics…
CVE-2022-33316 — CVSS 7.8 (high): Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics…
CVE-2022-33317 — CVSS 7.8 (high): Inclusion of Functionality from Untrusted Control Sphere vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1…
CVE-2022-33320 — CVSS 7.8 (high): Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics…
CVE-2022-29834 — CVSS 7.5 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitsubishi Electric GENESIS64 versions…
CVE-2020-12015 — CVSS 7.5 (high): A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper…
CVE-2020-12009 — CVSS 7.5 (high): A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization…
CVE-2022-40264 — CVSS 6.3 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64…
CVE-2022-23130 — CVSS 5.9 (medium): Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and…
CVE-2022-23129 — CVSS 5.5 (medium): Plaintext Storage of a Password vulnerability in Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior and ICONICS…
CVE-2021-27040 — CVSS 3.3 (low): A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be…