ICSA-24-338-04
Vulnerability from csaf_cisa - Published: 2024-12-03 00:00 - Updated: 2026-04-07 06:00
Summary
Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)
Notes
Risk evaluation: Successful exploitation of these vulnerabilities could allow a local attacker to execute arbitrary code by storing a specially crafted DLL in a specific folder or tampering with a specially crafted DLL. This could lead to disclosure of information in the affected products, tampering with, destruction or deletion of information in the affected products, or a denial-of-service (DoS) condition on the products.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: United States
Company headquarters location: Japan
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Mitsubishi Electric security advisory 2024-010 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact CISA directly for any questions regarding this advisory.
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability. Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
7.8 (High)
Vendor Fix
For GENESIS64, ICONICS Suite, and Hyper Historian users who do not need to use the Phone agent, download and install Version 10.98 or later from the link (https://iconicsinc.my.site.com/community/s/resource-center/product-downloads?tabset-a9d51=51905).
No Fix Planned
For GENESIS64, ICONICS Suite, and Hyper Historian users who need to use the Phone agent and are using a Dialogic telephony board, install the driver provided by Dialogic. For GENESIS64 and ICONICS Suite users who need to use the Phone agent and are using a non-Dialogic telephony board, there are no plans to release a fixed version for the Phone agent. If you do not need to use the multi-agent notification feature, uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the Phone agent, execute a custom installation of the multi-agent notification feature and skip the installation of the Phone agent.
No Fix Planned
There are no plans to release fixed versions for MC Works64 and GENESIS32. If you do not need to use the multi-agent notification feature, uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the Phone agent, execute a custom installation of the multi-agent notification feature and skip the installation of the Phone agent.
Mitigation
For users who do not need to use the multi-agent notification feature, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend uninstalling it, to avoid the risk of exploiting this vulnerability. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later.
Mitigation
For users who need to use the multi-agent notification feature, and do not need to use the Phone agent, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend executing a custom installation of the multi-agent notification feature and skipping the installation of the Phone agent, to avoid the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend using PCs with the affected product installed in the LAN and blocking remote login from untrusted networks, hosts, and users, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing unauthorized access by using a firewall or virtual private network (VPN), etc., and allowing remote login only to trusted users when connecting a PC with the affected product installed to the Internet, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC on which the affected product is installed and the network to which the PC is connected, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing the user from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploiting this vulnerability.
Mitigation
Additional information and useful links are found on Mitsubishi Electric's security advisory at "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf".
Mitigation
Additional information and useful links are found on the ICONICS GENESIS64 security updates page at "https://iconics.com/en-us/about/security/cert".
CWE-561 - Dead Code
Vendor Fix
For users using GENESIS64 and ICONICS Suite Version 10.97.2 series, download and install "10.97.2 Critical Fixes Rollup 3" (https://iconicsinc.my.site.com/community/s/software-update/a355a000003g4Q5AAI/10972-critical-fixes-rollup-3).
Vendor Fix
For users using GENESIS64 and ICONICS Suite Version 10.97.3 series, download and install "10.97.3 Critical Fixes Rollup 2" (https://iconicsinc.my.site.com/community/s/software-update/a35QQ000000y2oXYAQ/10973-critical-fixes-rollup-2).
Mitigation
For users of products who cannot immediately update the product, prevent the affected products from being installed in non-default, unprotected folders, to avoid the risk of exploiting this vulnerability.
Mitigation
For users of products who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend using PCs with the affected product installed in the LAN and blocking remote login from untrusted networks, hosts, and users, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing unauthorized access by using a firewall or virtual private network (VPN), etc., and allowing remote login only to trusted users when connecting a PC with the affected product installed to the Internet, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC on which the affected product is installed and the network to which the PC is connected, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing the user from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploiting this vulnerability.
Mitigation
Additional information and useful links are found on Mitsubishi Electric's security advisory at "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf".
Mitigation
Additional information and useful links are found on the ICONICS GENESIS64 security updates page at "https://iconics.com/en-us/About/Security/CERT".
7.8 (High)
Vendor Fix
For GENESIS64 and ICONICS Suite users who do not need to use the Fax agent, download and install Version 10.98 or later from the link (https://iconicsinc.my.site.com/community/s/resource-center/product-downloads?tabset-a9d51=51905).
No Fix Planned
For GENESIS64 and ICONICS Suite users who need to use the Fax agent, there are no plans to release a fixed version for the Fax agent. If you do not need to use the multi-agent notification feature, please uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the FAX agent, execute a custom installation of the multi-agent notification feature and skip the installation of the FAX agent. If you install the FAX Agent, activate "Windows Fax and Scan" feature in Microsoft Windows. The steps for enabling the "Windows Fax and Scan" feature can vary depending on Microsoft Windows version, so check the Microsoft site for more information.
No Fix Planned
There are no plans to release fixed versions for MC Works64 and GENESIS32. If you do not need to use the multi-agent notification feature, please uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the FAX agent, execute a custom installation of the multi-agent notification feature and skip the installation of the FAX agent. If you install the FAX Agent, activate "Windows Fax and Scan" feature in Microsoft Windows. The steps for enabling the "Windows Fax and Scan" feature can vary depending on Microsoft Windows version, so check the Microsoft site for more information.
Mitigation
For users who do not need to use the multi-agent notification feature, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend uninstalling it, to avoid the risk of exploiting this vulnerability. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later.
Mitigation
For users who need to use the multi-agent notification feature, and do not need to use the FAX agent, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend executing a custom installation of the multi-agent notification feature and skipping the installation of the FAX agent, to avoid the risk of exploiting this vulnerability.
Mitigation
For users who install the FAX Agent, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend activating "Windows Fax and Scan" feature in Microsoft Windows, to avoid the risk of exploiting this vulnerability. The steps for enabling the "Windows Fax and Scan" feature can vary depending on Microsoft Windows version, so check the Microsoft site for more information.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend using PCs with the affected product installed in the LAN and blocking remote login from untrusted networks, hosts, and users, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing unauthorized access by using a firewall or virtual private network (VPN), etc., and allowing remote login only to trusted users when connecting a PC with the affected product installed to the Internet, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC on which the affected product is installed and the network to which the PC is connected, to minimize the risk of exploiting this vulnerability.
Mitigation
For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing the user from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploiting this vulnerability.
Mitigation
Additional information and useful links are found on Mitsubishi Electric's security advisory at "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf".
Mitigation
Additional information and useful links are found on the ICONICS GENESIS64 security updates page at "https://iconics.com/en-us/about/security/cert".
References
Acknowledgments
Palo Alto Networks
Asher Davila
Malav Vyas
{
"document": {
"acknowledgments": [
{
"names": [
"Asher Davila",
"Malav Vyas"
],
"organization": "Palo Alto Networks",
"summary": "reported these vulnerabilities to Mitsubishi Electric Iconics Digital Solutions"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow a local attacker to execute an arbitrary code by storing a specially crafted DLL in a specific folder or tampering with a specially crafted DLL. This could lead to disclose information in the affected products, tamper with, destroy or delete information in the affected products, or cause a denial of service (DoS) condition on the products.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "United States",
"title": "Company headquarters location"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Mitsubishi Electric security advisory 2024-010 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact CISA directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability. Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-24-338-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-338-04.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-24-338-04 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)",
"tracking": {
"current_release_date": "2026-04-07T06:00:00.000000Z",
"generator": {
"date": "2026-03-31T22:29:26.054161Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.5.0"
}
},
"id": "ICSA-24-338-04",
"initial_release_date": "2024-12-03T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-12-03T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2026-01-08T00:00:00.000000Z",
"legacy_version": "Update A",
"number": "2",
"summary": "Update A - Added GENESIS32."
},
{
"date": "2026-03-10T00:00:00.000000Z",
"legacy_version": "Update B",
"number": "3",
"summary": "Update B - Added ICONICS Suite."
},
{
"date": "2026-04-07T00:00:00.000000Z",
"legacy_version": "Update C",
"number": "4",
"summary": "Update C - Added fixed versions."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.97.3",
"product": {
"name": "Mitsubishi Electric GENESIS64: \u003c= 10.97.3",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_version_range",
"name": "10.97.2|10.97.2_CFR1|10.97.2_CFR2|10.97.3",
"product": {
"name": "Mitsubishi Electric GENESIS64: 10.97.2|10.97.2 CFR1|10.97.2 CFR2|10.97.3",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "GENESIS64"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.97.3",
"product": {
"name": "Mitsubishi Electric ICONICS Suite: \u003c=10.97.3",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version_range",
"name": "10.97.2|10.97.2_CFR1|10.97.2_CFR2|10.97.3",
"product": {
"name": "Mitsubishi Electric ICONICS Suite: 10.97.2|10.97.2 CFR1|10.97.2 CFR2|10.97.3",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "ICONICS Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric MC Works64: vers:all/*",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "MC Works64"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric GENESIS32: vers:all/*",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "GENESIS32"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.97.3",
"product": {
"name": "Mitsubishi Electric Hyper Historian: \u003c=10.97.3",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "Hyper Historian"
}
],
"category": "vendor",
"name": "Mitsubishi Electric"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.97.3",
"product": {
"name": "Mitsubishi Electric Iconics Digital Solutions GENESIS64: \u003c=10.97.3",
"product_id": "CSAFPID-0008"
}
},
{
"category": "product_version_range",
"name": "10.97.2|10.97.2_CFR1|10.97.2_CFR2|10.97.3",
"product": {
"name": "Mitsubishi Electric Iconics Digital Solutions GENESIS64: 10.97.2|10.97.2 CFR1|10.97.2 CFR2|10.97.3",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "GENESIS64"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.97.3",
"product": {
"name": "Mitsubishi Electric Iconics Digital Solutions ICONICS Suite: \u003c=10.97.3",
"product_id": "CSAFPID-0010"
}
},
{
"category": "product_version_range",
"name": "10.97.2|10.97.2_CFR1|10.97.2_CFR2|10.97.3",
"product": {
"name": "Mitsubishi Electric Iconics Digital Solutions ICONICS Suite: 10.97.2|10.97.2 CFR1|10.97.2 CFR2|10.97.3",
"product_id": "CSAFPID-0011"
}
}
],
"category": "product_name",
"name": "ICONICS Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Mitsubishi Electric Iconics Digital Solutions GENESIS32: vers:all/*",
"product_id": "CSAFPID-0012"
}
}
],
"category": "product_name",
"name": "GENESIS32"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.97.3",
"product": {
"name": "Mitsubishi Electric Iconics Digital Solutions Hyper Historian: \u003c=10.97.3",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "Hyper Historian"
}
],
"category": "vendor",
"name": "Mitsubishi Electric Iconics Digital Solutions"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8299",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "summary",
"text": "A malicious code execution vulnerability due to an uncontrolled search path element exists in the Phone agent of the multi-agent notification feature of GENESIS64, ICONICS Suite, MC Works64, and GENESIS32. Customers using a Dialogic telephony board without installing the Dialogic driver, or non-Dialogic telephony board, and using any version of MC Works64 or GENESIS32, or version 10.97.2 or prior of GENESIS64 or ICONICS Suite are unconditionally affected. In addition, version 10.97.3 or later of GENESIS64 or ICONICS Suite and installing multi-agent notification feature are affected.",
"title": "Vulnerability Summary"
},
{
"category": "details",
"text": "SSVCv2/E:N/A:N/T:T/2026-04-07T00:00:00.000Z",
"title": "SSVC"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8299"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/427.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For GENESIS64, ICONICS Suite, and Hyper Historian users who do not need to use the Phone agent, download and install Version 10.98 or later from the link (https://iconicsinc.my.site.com/community/s/resource-center/product-downloads?tabset-a9d51=51905).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0007",
"CSAFPID-0013"
],
"url": "https://iconicsinc.my.site.com/community/s/resource-center/product-downloads?tabset-a9d51=51905"
},
{
"category": "no_fix_planned",
"details": "For GENESIS64, ICONICS Suite, and Hyper Historian users who need to use the Phone agent and are using a Dialogic telephony board, install the driver provided by Dialogic. For GENESIS64 and ICONICS Suite users who need to use the Phone agent and are using a non-Dialogic telephony board, there are no plans to release a fixed version for the Phone agent. If you do not need to use the multi-agent notification feature, uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the Phone agent, execute a custom installation of the multi-agent notification feature and skip the installation of the Phone agent.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "no_fix_planned",
"details": "There are no plans to release fixed versions for MC Works64 and GENESIS32. If you do not need to use the multi-agent notification feature, uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the Phone agent, execute a custom installation of the multi-agent notification feature and skip the installation of the Phone agent.",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0012"
]
},
{
"category": "mitigation",
"details": "For users who do not need to use the multi-agent notification feature, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend uninstalling it, to avoid the risk of exploiting this vulnerability. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users who need to use the multi-agent notification feature, and do not need to use the Phone agent, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend executing a custom installation of the multi-agent notification feature and skipping the installation of the Phone agent, to avoid the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend using PCs with the affected product installed in the LAN and blocking remote login from untrusted networks, hosts, and users, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing unauthorized access by using a firewall or virtual private network (VPN), etc., and allowing remote login only to trusted users when connecting a PC with the affected product installed to the Internet, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC on which the affected product is installed and the network to which the PC is connected, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing the user from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory at \"https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf\".",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf"
},
{
"category": "mitigation",
"details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page at \"https://iconics.com/en-us/about/security/cert\".",
"product_ids": [
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0013"
],
"url": "https://iconics.com/en-us/about/security/cert"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
}
]
},
{
"cve": "CVE-2024-8300",
"cwe": {
"id": "CWE-561",
"name": "Dead Code"
},
"notes": [
{
"category": "summary",
"text": "A malicious code execution vulnerability due to dead code exists in the FA device communication driver of GENESIS64 and ICONICS Suite. Users who install affected products in an unprotected folder other than the default installation folder are affected.",
"title": "Vulnerability Summary"
},
{
"category": "details",
"text": "SSVCv2/E:N/A:N/T:T/2026-04-07T00:00:00.000Z",
"title": "SSVC"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8300"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/561.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For users using GENESIS64 and ICONICS Suite Version 10.97.2 series, download and install \"10.97.2 Critical Fixes Rollup 3\" (https://iconicsinc.my.site.com/community/s/software-update/a355a000003g4Q5AAI/10972-critical-fixes-rollup-3).",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
],
"url": "https://iconicsinc.my.site.com/community/s/software-update/a355a000003g4Q5AAI/10972-critical-fixes-rollup-3"
},
{
"category": "vendor_fix",
"details": "For users using GENESIS64 and ICONICS Suite Version 10.97.3 series, download and install \"10.97.3 Critical Fixes Rollup 2\" (https://iconicsinc.my.site.com/community/s/software-update/a35QQ000000y2oXYAQ/10973-critical-fixes-rollup-2).",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
],
"url": "https://iconicsinc.my.site.com/community/s/software-update/a35QQ000000y2oXYAQ/10973-critical-fixes-rollup-2"
},
{
"category": "mitigation",
"details": "For users of products who cannot immediately update the product, prevent the affected products from being installed in non-default, unprotected folders, to avoid the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
},
{
"category": "mitigation",
"details": "For users of products who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend using PCs with the affected product installed in the LAN and blocking remote login from untrusted networks, hosts, and users, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
},
{
"category": "mitigation",
"details": "For users of products who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing unauthorized access by using a firewall or virtual private network (VPN), etc., and allowing remote login only to trusted users when connecting a PC with the affected product installed to the Internet, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
},
{
"category": "mitigation",
"details": "For users of products who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC on which the affected product is installed and the network to which the PC is connected, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
},
{
"category": "mitigation",
"details": "For users of products who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing the user from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
},
{
"category": "mitigation",
"details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory at \"https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf\".",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf"
},
{
"category": "mitigation",
"details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page at \"https://iconics.com/en-us/About/Security/CERT\".",
"product_ids": [
"CSAFPID-0009",
"CSAFPID-0011"
],
"url": "https://iconics.com/en-us/About/Security/CERT"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0002",
"CSAFPID-0004",
"CSAFPID-0009",
"CSAFPID-0011"
]
}
]
},
{
"cve": "CVE-2024-9852",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "summary",
"text": "A malicious code execution vulnerability due to an uncontrolled search path element exists in the FAX agent of the multi-agent notification feature on GENESIS64, ICONICS Suite, MC Works64, and GENESIS32. Users of any version of MC Works64 or GENESIS32, or version 10.97.2 or prior of GENESIS64 or ICONICS Suite are unconditionally affected. In addition, users of version 10.97.3 or later of GENESIS64 or ICONICS Suite and installing multi-agent notification feature are affected.",
"title": "Vulnerability Summary"
},
{
"category": "details",
"text": "SSVCv2/E:N/A:N/T:T/2026-04-07T00:00:00.000Z",
"title": "SSVC"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9852"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/427.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For GENESIS64 and ICONICS Suite users who do not need to use the Fax agent, download and install Version 10.98 or later from the link (https://iconicsinc.my.site.com/community/s/resource-center/product-downloads?tabset-a9d51=51905).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "no_fix_planned",
"details": "For GENESIS64 and ICONICS Suite users who need to use the Fax agent, there are no plans to release a fixed version for the Fax agent. If you do not need to use the multi-agent notification feature, please uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the FAX agent, execute a custom installation of the multi-agent notification feature and skip the installation of the FAX agent. If you install the FAX Agent, activate \"Windows Fax and Scan\" feature in Microsoft Windows. The steps for enabling the \"Windows Fax and Scan\" feature can vary depending on Microsoft Windows version, so check the Microsoft site for more information. ",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "no_fix_planned",
"details": "There are no plans to release fixed versions for MC Works64 and GENESIS32. If you do not need to use the multi-agent notification feature, please uninstall it. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later. For users who need to use the multi-agent notification feature, and do not need to use the FAX agent, execute a custom installation of the multi-agent notification feature and skip the installation of the FAX agent. If you install the FAX Agent, activate \"Windows Fax and Scan\" feature in Microsoft Windows. The steps for enabling the \"Windows Fax and Scan\" feature can vary depending on Microsoft Windows version, so check the Microsoft site for more information.",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0012"
]
},
{
"category": "mitigation",
"details": "For users who do not need to use the multi-agent notification feature, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend uninstalling it, to avoid the risk of exploiting this vulnerability. The multi-agent notification feature is not included in the default installation of GENESIS64 and ICONICS Suite version 10.97.3 or later.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users who need to use the multi-agent notification feature, and do not need to use the FAX agent, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend executing a custom installation of the multi-agent notification feature and skipping the installation of the FAX agent, to avoid the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users who install the FAX Agent, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend activating \"Windows Fax and Scan\" feature in Microsoft Windows, to avoid the risk of exploiting this vulnerability. The steps for enabling the \"Windows Fax and Scan\" feature can vary depending on Microsoft Windows version, so check the Microsoft site for more information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend using PCs with the affected product installed in the LAN and blocking remote login from untrusted networks, hosts, and users, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing unauthorized access by using a firewall or virtual private network (VPN), etc., and allowing remote login only to trusted users when connecting a PC with the affected product installed to the Internet, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric recommends restricting physical access to the PC on which the affected product is installed and the network to which the PC is connected, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "For users of products that do not have a fixed version or who cannot immediately update the product, Mitsubishi Electric and Mitsubishi Electric Iconics Digital Solutions recommend preventing the user from clicking on web links in emails from untrusted sources, or from opening attachments in untrusted emails, to minimize the risk of exploiting this vulnerability.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
},
{
"category": "mitigation",
"details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory at \"https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf\".",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2024-010_en.pdf"
},
{
"category": "mitigation",
"details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page at \"https://iconics.com/en-us/about/security/cert\".",
"product_ids": [
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0013"
],
"url": "https://iconics.com/en-us/about/security/cert"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0003",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0010",
"CSAFPID-0012",
"CSAFPID-0007",
"CSAFPID-0013"
]
}
]
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.