Threat Encyclopedia

Improper Handling of Length Parameter for Mitsubishi Electric CW Configurator


Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electronic CW Configurator version 1.011M and earlier allows a remote unauthenticated attacker to cause a DoS condition of the software products, and possibly to execute a malicious program on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.

affected-products-logoAffected Products

CW Configurator