CNNVD-202512-3754 Information
CNNVD ID
CNNVD-202512-3754
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
Mitsubishi Electric MC Works64等都是日本三菱电机(Mitsubishi Electric)公司的产品。Mitsubishi Electric MC Works64是一套数据采集与监控系统(SCADA)。Mitsubishi Electric GENESIS64是一个 SCADA 套件。Mitsubishi Electric Iconics Digital Solutions是一个数字解决方案软件。 Mitsubishi Electric多款产品存在操作系统命令注入漏洞,该漏洞源于软件键盘功能对特殊元素中和不当,可能导致OS命令注入攻击。以下产品及版本受到影响:Mitsubishi Electric GENESIS64 10.97.2 CFR3及之前版本、Mitsubishi Electric Iconics Digital Solutions GENESIS64 10.97.2 CFR3及之前版本、Mitsubishi Electric ICONICS Suite 10.97.2 CFR3及之前版本、Mitsubishi Electric Iconics Digital Solutions ICONICS Suite 10.97.2 CFR3及之前版本、Mitsubishi Electric MobileHMI 10.97.2 CFR3及之前版本、Mitsubishi Electric Iconics Digital Solutions MobileHMI 10.97.2 CFR3及之前版本和Mitsubishi Electric MC Works64所有版本。
Description (English)
Mitsubishi Electric MC Works64 and others are the products of the Japanese company Mitsubishi Electric. Mitsubishi Electric MC Works64 is a data collection and monitoring system (SCADA). Mitsubishi Electric GENESIS64 is a SCADA package. It is a digital solution software. There is a gap in operating system commands for the Mitsubishi Electrich multi-products, which arises from the inadequacy of the software keyboard function for special elements, which may lead to an OS injection attack. The following products and versions have been affected: Mitsubishi Electric GENESIS 64 10.97.2 CFR3 and its predecessors, Mitsubiši Ericic Digital Solutions GENESIS 64 10.97.2 CFR3 and its predecessors, Mitsubiši Supervisorić Electric ICONICS Suite 10.97.2 CFR3 and its predecessors, Mitsubiš Iconic Digital Solutions ICT10.97.2 CFR3 and all previous and previous versions of Mitsubiš Electric MC.
Hazard Level
Medium
Vulnerability Type
操作系统命令注入
Affected Vendor
三菱电机
Published
2025-12-19
Last Modified
2026-02-24
References
https://jvn.jp/vu/JVNVU97729686/ https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-018_en.pdf https://access.redhat.com/security/cve/cve-2025-11774
Patch
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-018_en.pdf
Share on: