CVE-2025-3784

Medium CVSS: 5.5

Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential information, and obtain or modify project information.

Vendor

Product

CWE

CWE-312

Yayın Tarihi

2025-11-27 05:16:15

Güncelleme

2025-12-08 06:15:47

Source Identifier

Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

KEV Date Added

Kategoriler

CWE-312 MEDIUM 2025

Referanslar

https://jvn.jp/vu/JVNVU95288056/ https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-01 https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-016_en.pdf