CVE-2023-6943
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-6943 is a vulnerability affecting multiple Mitsubishi Electric Corporation products, including EZSocket versions 3.0 and later, FR Configurator2, GT Designer3, MELSOFT Navigator, MT Works2, MX Component, and MX OPC Server DA/UA. This issue involves the use of externally-controlled input to select classes or code, also known as an "Unsafe Reflection" vulnerability. An attacker can exploit this weakness remotely and unauthenticated, allowing them to execute malicious code by RPC, simply by providing a path to a malicious library while connected to the targeted product. This could potentially lead to significant security risks if not addressed promptly.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Mitsubishi Electric Corporation