CVE-2024-22103

MEDIUM

Jungo WinDriver <12.6.0 - Memory Corruption

Title source: llm

Description

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

References (3)

[Release Notes] https://jungo.com/windriver/versions/

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04

[Third Party Advisory] https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf

Scores

CVSS v3 5.5

EPSS 0.0009

EPSS Percentile 24.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-787

Status published

Affected Products (35)

jungo/windriver < 12.6.0

mitsubishielectric/cpu_module_logging_configuration_tool

mitsubishielectric/cw_configurator

mitsubishielectric/data_transfer

mitsubishielectric/data_transfer_classic

mitsubishielectric/ezsocket

mitsubishielectric/fr_configurator_sw3

mitsubishielectric/fr_configurator2

mitsubishielectric/genesis64

mitsubishielectric/gt_got1000

mitsubishielectric/gt_got2000

mitsubishielectric/gt_softgot1000

mitsubishielectric/gt_softgot2000

mitsubishielectric/gx_developer

mitsubishielectric/gx_logviewer

... and 20 more

Timeline

Published Jul 02, 2024

Tracked Since Feb 18, 2026