CVE-2013-2817

Mitsubishi Electric Automation MC-WorX Suite 8.02 - RCE

Title source: llm

Description

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

Exploits (1)

exploitdb WORKING POC

by blake · htmlremotewindows

https://www.exploit-db.com/exploits/28284

View Code ZIP pw:eip

References (2)

[US Government Resource] http://ics-cert.us-cert.gov/advisories/ICSA-14-051-02

[Patch, Vendor Advisory] http://www.meau.com/eprise/main/sites/public/Products/Software/-MC_Works

Scores

EPSS 0.3579

EPSS Percentile 97.1%

Details

CWE

CWE-94

Status published

Products (1)

mitsubishielectric/mc-worx_suite < 8.02

Published Feb 24, 2014

Tracked Since Feb 18, 2026