February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2023-29186 – SAP NetWeaver Vulnerability
April 12, 2023Rewterz Threat Advisory – CVE-2023-1829 – Linux Kernel Vulnerability
April 12, 2023Rewterz Threat Advisory – CVE-2023-29186 – SAP NetWeaver Vulnerability
April 12, 2023Rewterz Threat Advisory – CVE-2023-1829 – Linux Kernel Vulnerability
April 12, 2023
Severity
High
Analysis Summary
CVE-2020-14521
Mitsubishi Electric Factory Automation Engineering products could allow a remote attacker to execute arbitrary code on the system, caused by an unquoted search path or element flaw. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2020-14521
Affected Vendors
Mitsubishi Electric
Affected Products
- Mitsubishi Electric CW Configurator 1.010L
- Mitsubishi Electric Motion Control Setting 1.005F
- Mitsubishi Electric CPU Module Logging Configuration Tool 1.100E
- Mitsubishi Electric GX Works3 1.063RMitsubishi Electric MELSOFT iQ AppPortal
- Mitsubishi Electric MELSOFT Navigator
- Mitsubishi Electric MI Configurator
- Mitsubishi Electric MR Configurator2
- Mitsubishi Electric MX Component
- Mitsubishi Electric C Controller Interface Module Utility
- Mitsubishi Electric C Controller Module Setting and Monitoring Tool
- Mitsubishi Electric CC-Link IE Control Network Data Collector
- Mitsubishi Electric CC-Link IE Field Network Data Collector
- Mitsubishi Electric Data Transfer
- Mitsubishi Electric EZSocket
- Mitsubishi Electric FR Configurator SW3
- Mitsubishi Electric GT Designer2 Classic
- Mitsubishi Electric GT Designer3 Version1 (GOT1000)
- Mitsubishi Electric GT Designer3 Version1 (GOT2000)
- Mitsubishi Electric GT SoftGOT1000 Version3
- Mitsubishi Electric GT SoftGOT2000 Version1
- Mitsubishi Electric GX Developer 8.504A
- Mitsubishi Electric GX LogViewer 1.100E
- Mitsubishi Electric GX Works2
- Mitsubishi Electric M_CommDTM-IO-Link
- Mitsubishi Electric MELFA-Works
- Mitsubishi Electric MELSEC WinCPU Setting Utility
- Mitsubishi Electric MELSOFT Complete Clean Up Tool
- Mitsubishi Electric MELSOFT EM Software Development Kit
- Mitsubishi Electric Motorizer 1.005F
- Mitsubishi Electric MT Works2
- Mitsubishi Electric MX MESInterface
- Mitsubishi Electric MX MESInterface-R
- Mitsubishi Electric MX Sheet
- Mitsubishi Electric Network Interface Board CC IE Control Utility
- Mitsubishi Electric Network Interface Board CC IE Field Utility
- Mitsubishi Electric Network Interface Board CC-Link Ver.2 Utility
- Mitsubishi Electric Network Interface Board MNETH Utility
- Mitsubishi Electric Position Board utility 2
- Mitsubishi Electric PX Developer
- Mitsubishi Electric RT ToolBox2
- Mitsubishi Electric RT ToolBox3
Remediation
Upgrade to the latest version of Mitsubishi Electric Multiple Factory Automation Engineering Software, available from the Mitsubishi Electric Web site.