GCVE - cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*

part: a version: 10.97.1 update: *

Vendor	Iconics (`85d629b2-b3cd-51d8-82ee-a6f1113acb88`)
Product	Genesis64 (`28d88c13-54a6-5560-83f1-ad3aa04d0115`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-33320`	vulnerable	2026-06-03 14:47:26.870851	Details available HIGH (7.8) Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes. Published: 2022-07-20T16:56:24.000Z Updated: 2026-01-09T05:16:27.798Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-33319`	vulnerable	2026-06-03 14:47:26.870384	Details available HIGH (8.2) Out-of-bounds Read vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric GENESIS32 versions 9.7 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows a remote unauthenticated attacker to disclose information on memory or cause a Denial of Service (DoS) condition by sending specially crafted packets to the GENESIS64, ICONICS Suite, GENESIS32, or MC Works64 server. Published: 2022-07-20T16:58:49.000Z Updated: 2026-01-09T05:14:32.690Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-33318`	vulnerable	2026-06-03 14:47:26.869780	Details available CRITICAL (9.8) Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric GENESIS32 versions 9.7 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows a remote unauthenticated attacker to execute an arbitrary malicious code by sending specially crafted packets to the GENESIS64, ICONICS Suite, GENESIS32, or MC Works64 server. Published: 2022-07-20T16:57:38.000Z Updated: 2026-01-09T05:12:41.871Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-33317`	vulnerable	2026-06-03 14:47:26.864183	Details available HIGH (7.8) Inclusion of Functionality from Untrusted Control Sphere vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes. Published: 2022-07-20T16:53:59.000Z Updated: 2026-01-09T05:09:15.556Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-33316`	vulnerable	2026-06-03 14:47:26.863658	Details available HIGH (7.8) Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes. Published: 2022-07-20T16:51:27.000Z Updated: 2026-01-09T05:07:12.066Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-33315`	vulnerable	2026-06-03 14:47:26.862491	Details available HIGH (7.8) Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes. Published: 2022-07-20T16:55:13.000Z Updated: 2026-01-09T04:58:25.913Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-29834`	vulnerable	2026-06-03 14:46:58.971775	Details available HIGH (7.5) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server or ICONICS suite server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 or ICONICS Suite mobile monitoring application and accessing the monitoring screen. Published: 2022-07-20T16:48:46.000Z Updated: 2026-01-09T04:54:48.324Z Open on db.gcve.eu Reference links https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf https://jvn.jp/vu/JVNVU96480474/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.