CVE-2022-40268
Published: 02 February 2023
Summary
CVE-2022-40268 is a medium-severity Improper Restriction of Rendered UI Layers or Frames (CWE-1021) vulnerability in Mitsubishielectric Gt Softgot2000. Its CVSS base score is 6.1 (Medium).
Operationally, ranked in the top 30.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-43566
Vulnerability details
Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B…
more
to 1.285X allows a remote unauthenticated attacker to lead legitimate users to perform unintended operations through clickjacking.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.