CVE-2023-4088 Information

Description

Incorrect Default Permissions vulnerability due to incomplete fix to address CVE-2020-14496 in Mitsubishi Electric Corporation FA engineering software products allows a malicious local attacker to execute a malicious code which could result in information disclosure tampering with and deletion or a denial-of-service (DoS) condition. However if the mitigated version described in the advisory for CVE-2020-14496 is used and installed in the default installation folder this vulnerability does not affect the products.

Reference

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-010_en.pdf