CVE-2023-5274

LOW 2.5

CVSS Score

2.5

EPSS Score

0.0%

EPSS Percentile

0th

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service (DoS) condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the function is running.

CWE	CWE-20
Vendor	mitsubishi electric corporation
Product	gx works2
Published	Nov 21, 2023
Last Updated	Feb 25, 2026

Stay Ahead of the Next One

Get instant alerts for mitsubishi electric corporation gx works2

Be the first to know when new low vulnerabilities affecting mitsubishi electric corporation gx works2 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Affected Versions

Mitsubishi Electric Corporation / GX Works2

all versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

mitsubishielectric.com: https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-015_en.pdf jvn.jp: https://jvn.jp/vu/JVNVU98760962/index.html cisa.gov: https://www.cisa.gov/news-events/ics-advisories/icsa-23-331-03