CVE-2022-33317

📊 7.8 HIGH⚡ 0.1%🎯 0 exploits

📅 Published Jul 20, 2022

📋 Status: Modified

Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes.

CVSS v3.1 • NVD

🎯 Affected Products & Systems

3 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	iconics	genesis64	10.97	Vulnerable	cpe:2.3:a:iconics:genesis64:10.97:::::::*
📱App	iconics	genesis64	10.97.1	Vulnerable	cpe:2.3:a:iconics:genesis64:10.97.1:::::::*
📱App	mitsubishielectric	mc works64	≤ 10.95.210.01	Vulnerable	cpe:2.3:a:mitsubishielectric:mc_works64::::::::

📱

iconics / genesis64

Application

Vulnerable

Version: 10.97

CPE:

cpe:2.3:a:iconics:genesis64:10.97:*:*:*:*:*:*:*

📱

iconics / genesis64

Application

Vulnerable

Version: 10.97.1

CPE:

cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*

📱

mitsubishielectric / mc works64

Application

Vulnerable

Version: ≤ 10.95.210.01

CPE:

cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:*

Metrics

7.8 HIGHCVSS v3.1[email protected]

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector:

LOCAL

Complexity:

LOW

Privileges:

NONE

User Interaction:

REQUIRED

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Modified

CVSS Details

7.8 (HIGH)v3.1

Source: [email protected]

EPSS Details

0.1% (Minimal)21.6th percentile

Last updated: Nov 1, 2025

Exploitation probability within 30 days

Published Date

Jul 20, 2022 (3 years ago)

Last Modified

Nov 21, 2024 (11 months ago)

Security Weaknesses1

CWE-829

References3

NVDadvisorygeneral