Description

Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX versions 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX versions 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.

INFO

Published Date :

2025-05-15T22:36:37.902Z

Last Modified :

2026-04-09T05:06:29.106Z

Source :

Mitsubishi
AFFECTED PRODUCTS

The following products are affected by CVE-2025-0921 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-0921.

URL Resource
https://jvn.jp/vu/JVNVU93838985 cve-icon cve-icon
https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-04 cve-icon cve-icon
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2025-002_en.pdf
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-002_en.pdf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact