CVE & CISA-KEV Catalog

CVE-2020-14496

HIGH
8.3
CVSS v3
NVD

Description

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information to be disclosed, tampered with, and/or destroyed.

How to fix

Remediation Available
cpu module logging configuration toolNVD
Affected:< 1.106kFixed in:1.106kCVE-2020-14496derived from NVD
cw configuratorNVD
Affected:< 1.011mFixed in:1.011mCVE-2020-14496derived from NVD
data transferNVD
Affected:< 3.41tFixed in:3.41tCVE-2020-14496derived from NVD
em configuratorNVD
Affected:< 1.015rFixed in:1.015rCVE-2020-14496derived from NVD
ezsocketNVD
Affected:< 4.6Fixed in:4.6CVE-2020-14496derived from NVD
fr configurator2NVD
Affected:< 1.23zFixed in:1.23zCVE-2020-14496derived from NVD
gt designer3NVD
Affected:< 1.236wFixed in:1.236wCVE-2020-14496derived from NVD
gt softgot1000NVD
Affected:< 3.245fFixed in:3.245fCVE-2020-14496derived from NVD
gt softgot2000NVD
Affected:< 1.236wFixed in:1.236wCVE-2020-14496derived from NVD
gx logviewerNVD
Affected:< 1.106kFixed in:1.106kCVE-2020-14496derived from NVD
gx works2NVD
Affected:< 1.595vFixed in:1.595vCVE-2020-14496derived from NVD
gx works3NVD
Affected:< 1.065tFixed in:1.065tCVE-2020-14496derived from NVD
m commdtm-hartNVD
Affected:< 1.01bFixed in:1.01bCVE-2020-14496derived from NVD
m commdtm-io-linkNVD
Affected:< 1.04eFixed in:1.04eCVE-2020-14496derived from NVD
melfa-worksNVD
Affected:< 4.4Fixed in:4.4CVE-2020-14496derived from NVD
melsoft fielddeviceconfiguratorNVD
Affected:< 1.04eFixed in:1.04eCVE-2020-14496derived from NVD
melsoft navigatorNVD
Affected:< 2.70yFixed in:2.70yCVE-2020-14496derived from NVD
mh11 settingtool version2NVD
Affected:< 2.003dFixed in:2.003dCVE-2020-14496derived from NVD
motorizerNVD
Affected:< 1.010lFixed in:1.010lCVE-2020-14496derived from NVD
mr configurator2NVD
Affected:< 1.106lFixed in:1.106lCVE-2020-14496derived from NVD
mt works2NVD
Affected:< 1.160sFixed in:1.160sCVE-2020-14496derived from NVD
mx componentNVD
Affected:< 4.20wFixed in:4.20wCVE-2020-14496derived from NVD
network interface board cc-link ver.2 utilityNVD
Affected:< 1.24aFixed in:1.24aCVE-2020-14496derived from NVD
network interface board cc ie control utilityNVD
Affected:< 1.30gFixed in:1.30gCVE-2020-14496derived from NVD
network interface board cc ie field utilityNVD
Affected:< 1.17tFixed in:1.17tCVE-2020-14496derived from NVD
network interface board mneth utilityNVD
Affected:< 35mFixed in:35mCVE-2020-14496derived from NVD
px developerNVD
Affected:< 1.53fFixed in:1.53fCVE-2020-14496derived from NVD
rt toolbox2NVD
Affected:< 3.73bFixed in:3.73bCVE-2020-14496derived from NVD
rt toolbox3NVD
Affected:< 1.80jFixed in:1.80jCVE-2020-14496derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeChanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Exploit Intelligence

0.83%probability of exploitation in 30 days
53rdpercentile

Moderate risk: more likely to be exploited than 53% of all known CVEs.

References

Third-Party Advisory1
Embed a live status badge for CVE-2020-14496
CVE-2020-14496 severity badge

Markdown

[![CVE-2020-14496](https://tridentstack.com/cve/badge/CVE-2020-14496.svg)](https://tridentstack.com/cve/CVE-2020-14496)

HTML

<a href="https://tridentstack.com/cve/CVE-2020-14496"><img src="https://tridentstack.com/cve/badge/CVE-2020-14496.svg" alt="CVE-2020-14496"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.