CVE-2020-12007

CVE-2020-12007

Vendor Mitsubishi Electric

Product MC Works64

Weakness CWE-502 · Unsafe deserialization

Published July 16, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; ICONICS GenBroker32 version 9.5 and prior.

Key dates

02Disclosure timeline

July 16, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-12007 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/502.html

Related vulnerabilities

Identifiers

CVE CVE-2020-12007

CWE CWE-502

Affected versions

Vendor Mitsubishi Electric

Product MC Works64

Affected Version 4.02C (10.95.208.31) and earlier

Vendor Mitsubishi Electric

Product MC Works64

Affected all versions

Vendor Mitsubishi Electric

Product MC Works32

Affected Version 3.00A (9.50.255.02)

Vendor Iconics

Product GenBroker64, Platform Services, Workbench, FrameWorX Server

Affected v10.96 and prior

Vendor Iconics

Product GenBroker32

Affected v9.5 and prior

01Description

02Disclosure timeline

03References

04Related CVE