Description

Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.

INFO

Published Date :

2024-11-28T22:20:28.303Z

Last Modified :

2026-04-08T13:38:42.201Z

Source :

Mitsubishi
AFFECTED PRODUCTS

The following products are affected by CVE-2024-9852 vulnerability.

Vendors Products
Iconics
  • Genesis64
Mitsubishielectric
  • Genesis64
  • Mc Works64
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-9852.

URL Resource
https://jvn.jp/vu/JVNVU93891820 cve-icon cve-icon
https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-04 cve-icon cve-icon
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact