CVE - CVE-2024-7587

CVE-ID
CVE-2024-7587	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for ICONICS GENESIS64 version 10.97.3 and prior, Mitsubishi Electric GENESIS64 version 10.97.3 and prior and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorrect permissions, when GenBroker32 is installed on the same PC as GENESIS64 or MC Works64.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://jvn.jp/vu/JVNVU95548104 URL:https://jvn.jp/vu/JVNVU95548104 MISC:https://www.cisa.gov/news-events/ics-advisories/icsa-24-296-01 URL:https://www.cisa.gov/news-events/ics-advisories/icsa-24-296-01 MISC:https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-008_en.pdf URL:https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-008_en.pdf
Assigning CNA
Mitsubishi Electric Corporation
Date Record Created
20240807	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240807)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)