{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-5275","assignerOrgId":"e0f77b61-78fd-4786-b3fb-1ee347a748ad","state":"PUBLISHED","assignerShortName":"Mitsubishi","dateReserved":"2023-09-29T07:57:57.067Z","datePublished":"2023-11-21T03:46:55.339Z","dateUpdated":"2026-02-25T17:20:08.061Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["simulation function"],"product":"GX Works2","vendor":"Mitsubishi Electric Corporation","versions":[{"status":"affected","version":"all versions"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.<br>"}],"value":"Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.\n"}],"impacts":[{"descriptions":[{"lang":"en","value":"Denial of service"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"LOW","baseScore":2.5,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"e0f77b61-78fd-4786-b3fb-1ee347a748ad","shortName":"Mitsubishi","dateUpdated":"2023-11-30T04:13:52.003Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf"},{"tags":["government-resource"],"url":"https://jvn.jp/vu/JVNVU98760962/index.html"},{"tags":["government-resource"],"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T07:52:08.539Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf"},{"tags":["government-resource","x_transferred"],"url":"https://jvn.jp/vu/JVNVU98760962/index.html"},{"tags":["government-resource","x_transferred"],"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03"}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2023-5275","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2023-12-09T05:05:58.170854Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-25T17:20:08.061Z"}}]}}