Mitsubishi Electric’s GX Works2: Cleartext Chaos Strikes with CVSS 6.8!
Attention, GX Works2 users: your project files might be suffering from a serious case of “cleartext storage of sensitive information.” It’s a bit like leaving your diary open on the coffee table at a party. Until Mitsubishi Electric rolls out a fix, keep those files locked tighter than a drum!
Hot Take:
Oh, Mitsubishi Electric, who knew your GX Works2 software had aspirations of moonlighting as a secret diary? Unfortunately, it’s more like a public bulletin board, storing sensitive information in cleartext for all to read. But don’t worry—it’s not ready to spill its secrets to the world just yet, unless your hacker is a local with some serious determination and a knack for low-complexity attacks. Time to lock up those project files, folks!
Key Points:
- Mitsubishi Electric’s GX Works2 software is vulnerable to cleartext storage of sensitive information.
- Exploitation allows attackers to access or modify project files using stolen credentials.
- The vulnerability affects all versions of GX Works2 and has a CVSS v4 score of 6.8.
- The issue impacts critical manufacturing sectors worldwide, with company HQ in Japan.
- Mitigation measures include restricting access and using encryption and antivirus software.
Already a member? Log in here