CVE-2023-5247
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-5247 is a critical vulnerability affecting multiple Mitsubishi Electric FA Engineering Software Products. An attacker can exploit this Malicious Code Execution flaw by manipulating the file name or path of a project file, enabling them to execute malicious code. Legitimate users are unwittingly lured into opening the malicious file, potentially leading to serious consequences such as information disclosure, data tampering, deletion, or a Denial-of-Service (DoS) condition. The vulnerability underscores the importance of implementing strict file access controls and keeping software up-to-date with the latest security patches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.