Cyber Resilience

CVE-2020-14496

High

Published: 19 May 2022

Published
19 May 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score 0.0013 32.0th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2020-14496 is a high-severity an unspecified weakness vulnerability in Mitsubishielectric Cpu Module Logging Configuration Tool. Its CVSS base score is 8.3 (High).

Operationally, ranked at the 32.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed,…

more

tampered with, and/or destroyed.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

mitsubishielectric
cpu module logging configuration tool
≤ 1.106k
mitsubishielectric
cw configurator
≤ 1.011m
mitsubishielectric
data transfer
≤ 3.41t
mitsubishielectric
em configurator
≤ 1.015r
mitsubishielectric
ezsocket
≤ 4.6
mitsubishielectric
fr configurator2
≤ 1.23z
mitsubishielectric
gt designer3
≤ 1.236w
mitsubishielectric
gt softgot1000
≤ 3.245f
mitsubishielectric
gt softgot2000
≤ 1.236w
mitsubishielectric
gx logviewer
≤ 1.106k
+19 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References