CVE-2024-8300
Nov. 28, 2024, 11:15 p.m.
Tags
CVSS Score
Product(s) Impacted
ICONICS GENESIS64
- 10.97.2
- 10.97.2 CFR1
- 10.97.2 CRF2
- 10.97.3
Mitsubishi Electric GENESIS64
- 10.97.2
- 10.97.2 CFR1
- 10.97.2 CRF2
- 10.97.3
Description
Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 and Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
Weaknesses
CWE-561
Dead Code
The product contains dead code, which can never be executed.
CWE ID: 561Date
Published: Nov. 28, 2024, 11:15 p.m.
Last Modified: Nov. 28, 2024, 11:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
Exploitability Score
Impact Score
Base Severity
HIGHCVSS Vector String
The CVSS vector string provides an in-depth view of the vulnerability metrics.
View Vector StringCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H