CVE-2023-6942
📊 7.5 HIGH⚡ 0.6%🎯 0 exploits
📅 Published Jan 30, 2024
📋 Status: Modified
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
10 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | mitsubishielectric | ezsocket | ≥ 3.0 | Vulnerable | cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | fr configurator2 | All versions | Vulnerable | cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | got1000 | All versions | Vulnerable | cpe:2.3:a:mitsubishielectric:got1000:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | got2000 | All versions | Vulnerable | cpe:2.3:a:mitsubishielectric:got2000:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | gx works2 | ≥ 1.11m | Vulnerable | cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | gx works3 | All versions | Vulnerable | cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | mc works64 | All versions | Vulnerable | cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | melsoft navigator | ≥ 1.04e | Vulnerable | cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | mt works2 | All versions | Vulnerable | cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:* |
📱App | mitsubishielectric | mx component | ≥ 4.00a | Vulnerable | cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: ≥ 3.0
CPE:
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:mitsubishielectric:got1000:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:mitsubishielectric:got2000:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 1.11m
CPE:
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 1.04e
CPE:
cpe:2.3:a:mitsubishielectric:melsoft_navigator:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: All versions
CPE:
cpe:2.3:a:mitsubishielectric:mt_works2:*:*:*:*:*:*:*:*
📱
VulnerableApplication
Version: ≥ 4.00a
CPE:
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
10 products•scroll for more
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
NONE
Integrity:
HIGH
Availability:
NONE
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
7.5 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.6% (Minimal)68.5th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Jan 30, 2024 (1 year ago)
Last Modified
Sep 19, 2025 (1 month ago)
Security Weaknesses1
CWE-306
References4
NVDadvisorygeneral+1