CNNVD-202512-4249 Information
CNNVD ID
CNNVD-202512-4249
Related CVE
- CNNVD Published: 2025-12-24
Description (Chinese)
Mitsubishi Electric smartRTU是日本三菱电机(Mitsubishi Electric)公司的一款智能远程终端单元(RTU)。 Mitsubishi Electric smartRTU存在访问控制错误漏洞,该漏洞源于特定API路由可绕过身份验证,可能导致执行任意操作系统命令。
Description (English)
Mitsubishi Electric SmartRTU is an intelligent remote terminal unit (RTU) of Mitsubishi Electric, Japan. There is a bug in access control in Mitsubishi Electric smartRU, which stems from the fact that a specific API route can bypass identification, which may lead to the execution of arbitrary operating system orders.
Hazard Level
Medium
Vulnerability Type
访问控制错误
Affected Vendor
三菱电机
Published
2025-12-24
Last Modified
2026-02-24
References
https://emea.mitsubishielectric.com/fa/products/quality/quality-news-information https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-105-09.json https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-09 https://access.redhat.com/security/cve/cve-2025-3232
Patch
https://www.mitsubishielectric.com/en/
Share on: