CVE-2017-9634 - Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to a

CVE-2017-9634

Summary

Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.

References

http://www.securityfocus.com/bid/100097
https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01

Vulnerable Configurations

cpe:2.3:a:mitsubishielectric:e-designer:7.52:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:e-designer:7.52:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 09-10-2019 - 23:30)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	100097
misc	https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01

Last major update

09-10-2019 - 23:30

Published

17-04-2018 - 14:29

Last modified

09-10-2019 - 23:30