PatchSiren cyber security CVE debrief
CVE-2023-51776 Mitsubishi Electric CVE debrief
CVE-2023-51776 is a local privilege escalation vulnerability affecting 37 Mitsubishi Electric FA engineering software products. If malicious code executes on a system with affected software installed, a local attacker can gain Windows system privileges and execute arbitrary commands. The vulnerability was published on 2024-05-14 and most recently modified on 2026-01-15 as Update E, which added version information to affected product and mitigation sections. The CVSS 3.1 score is 4.4 (MEDIUM) with vector AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N, indicating local attack vector, high attack complexity, low privileges required, user interaction required, and high impact to integrity. Affected products span Mitsubishi Electric's industrial automation software suite including GX Works2, GX Works3, GT Designer3, MX Component, and numerous configuration and monitoring tools. Multiple products have specific patched versions available, while some require contacting the place of purchase for updates.
- Vendor: Mitsubishi Electric
- Product: CPU Module Logging Configuration Tool
- CVSS: MEDIUM 4.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-05-14
- Original CVE updated: 2026-01-15
- Advisory published: 2024-05-14
- Advisory updated: 2026-01-15
Who should care
Organizations operating Mitsubishi Electric industrial automation equipment with FA engineering software installed on Windows workstations, particularly manufacturing, critical infrastructure, and OT environments using MELSEC PLCs, GOT HMIs, or related control systems.
Technical summary
CVE-2023-51776 enables local privilege escalation in Mitsubishi Electric FA engineering software. The vulnerability requires malicious code execution on the target system, after which a local attacker can obtain Windows system privileges and execute arbitrary commands. The attack complexity is high and requires user interaction. The vulnerability affects 37 products including GX Works2 (<=1.622Y), GX Works3 (<=1.106L), GT Designer3, MX Component (<=5.007H), and numerous specialized configuration utilities. Patched versions are available for most products through Mitsubishi Electric's download portal, though some require vendor contact for updates.
Defensive priority
medium
Recommended defensive actions
- Inventory all Mitsubishi Electric FA engineering software installations and compare versions against affected product list
- Apply vendor-provided updates to patched versions where available; contact Mitsubishi Electric or place of purchase for products requiring assistance
- Restrict local access to engineering workstations running affected software to authorized personnel only
- Implement application whitelisting and endpoint protection on systems hosting FA engineering software
- Monitor for anomalous process execution and privilege escalation attempts on affected systems
- Review and apply CISA ICS recommended practices for defense-in-depth strategies
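For the inventory step, a version triage sketch added here as an example (it is not Mitsubishi Electric or CISA code). It covers only the three version limits quoted in the technical summary; the hostnames and installed versions are constructed, and ordering versions by numeric part and then by letter suffix is an assumption.

```python
import re

# Highest affected versions quoted in the technical summary above; limits for
# the other affected products must come from advisory ICSA-24-135-04.
LAST_AFFECTED = {
    "GX Works2": "1.622Y",
    "GX Works3": "1.106L",
    "MX Component": "5.007H",
}
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)([A-Za-z]?)\s*$")

def parse_version(text):
    """Turn '1.622Y' into (1, 622, 'Y'); letter-last ordering is an assumption."""
    match = _VERSION_RE.match(text)
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, letter = match.groups()
    return int(major), int(minor), letter.upper()

def classify(product, version):
    """Return 'affected', 'patched', 'check-advisory' or 'unparsed'."""
    limit = LAST_AFFECTED.get(product)
    if limit is None:
        return "check-advisory"  # no version limit for this product on this page
    try:
        installed = parse_version(version)
    except ValueError:
        return "unparsed"  # send to manual review instead of assuming safe
    return "affected" if installed <= parse_version(limit) else "patched"

def triage(inventory):
    """Attach a classification to each (host, product, version) row."""
    return [(host, product, version, classify(product, version))
            for host, product, version in inventory]

# Constructed sample inventory: hostnames and installed versions are made up.
SAMPLE_INVENTORY = [
    ("eng-ws-01", "GX Works2", "1.622Y"),
    ("eng-ws-01", "MX Component", "5.008J"),
    ("eng-ws-02", "GX Works3", "1.095Z"),
    ("eng-ws-03", "GX Works3", "1.110Q"),
    ("eng-ws-03", "GT Designer3", "1.300N"),
    ("eng-ws-04", "GX Works2", "unknown"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print("{:<10} {:<13} {:<8} {}".format(*row))
```

Rows marked check-advisory or unparsed are not cleared; they need a manual comparison against the advisory's full product list.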
Evidence notes
CVE published 2024-05-14; modified 2026-01-15 as Update E adding version information. Source advisory ICSA-24-135-04 from CISA CSAF. CVSS 3.1 vector AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N per source. 37 affected products with specific version ranges identified.
Official resources
- CVE-2023-51776 CVE record (CVE.org)
- CVE-2023-51776 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-05-14