PatchSiren cyber security CVE debrief

CVE-2023-51777 Mitsubishi Electric CVE debrief

CVE-2023-51777 is a local denial-of-service vulnerability affecting 37 Mitsubishi Electric FA engineering software products. If malicious code executes on a host with affected software installed, a local attacker can trigger a Windows blue screen error, resulting in system unavailability. The vulnerability requires local access, low privileges, and user interaction, with high attack complexity. CISA published this advisory on 2024-05-14 as ICSA-24-135-04, with the most recent update (Update E) on 2026-01-15 adding version-specific mitigation details. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Mitsubishi Electric
Product: CPU Module Logging Configuration Tool
CVSS: MEDIUM 4.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-05-14
Original CVE updated: 2026-01-15
Advisory published: 2024-05-14
Advisory updated: 2026-01-15

Who should care

Organizations operating Mitsubishi Electric industrial automation systems, particularly manufacturing facilities, critical infrastructure operators, and system integrators using affected FA engineering software for PLC programming, HMI development, or motion control configuration. Security teams responsible for OT/ICS environments and engineering workstation protection should prioritize inventory and patching activities.

Technical summary

This vulnerability exists in 37 Mitsubishi Electric FA engineering software products including GX Works2, GX Works3, GT Designer3, MX Component, and various configuration tools. The flaw allows a local attacker with low privileges to cause a Windows blue screen (BSOD) denial-of-service condition when malicious code executes on the affected system. The attack requires high complexity and user interaction. CVSS 3.1 score is 4.4 (MEDIUM). Multiple product-specific patches are available from Mitsubishi Electric, with some products requiring vendor contact for updates.

Defensive priority

Medium

Recommended defensive actions

  • Inventory all Mitsubishi Electric FA engineering software installations across engineering workstations and identify affected versions per CISA advisory ICSA-24-135-04
  • Apply vendor-provided updates to affected products: CPU Module Logging Configuration Tool to 1.160S or later, GX Works3 to 1.110Q or later, GX Works2 to 1.625B or later, and the remaining products per the version matrix in the advisory
  • For products without direct updates available (CSGL, EZSocket), contact your place of purchase for assistance in obtaining patched versions
  • Consider migrating from GENESIS64 and ICONICS Suite to the successor product, GENESIS version 11 or later
  • Restrict local access to engineering workstations running affected Mitsubishi Electric software to authorized personnel only
  • Implement application whitelisting and endpoint protection on engineering workstations to prevent execution of malicious code
  • Monitor for unexpected Windows system crashes or blue screen events on systems running affected software
  • Review and apply CISA ICS recommended practices for defense-in-depth strategies in industrial control environments
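The inventory and monitoring steps above can be scripted on an engineering workstation. The PowerShell below is an added example written for this debrief, not code from PatchSiren, CISA or Mitsubishi Electric. It assumes the affected products register under the standard Windows uninstall keys with a DisplayVersion in the "1.160S" form quoted in the advisory (numeric part plus a letter suffix); the ordering rule used to compare such strings is an assumption, and only the three fixed versions named in the bullets are encoded, so every other hit still has to be checked against the ICSA-24-135-04 version matrix. The crash check reads the System log for the bugcheck record Windows writes after a blue screen (Event ID 1001, source BugCheck).

```powershell
# Added example (not from the advisory): inventory Mitsubishi Electric FA software
# from the Windows uninstall registry, flag entries below the fixed versions named
# in the debrief, then list recent bugcheck (BSOD) events on this workstation.

# Minimum fixed versions quoted in the debrief for three products. All other
# affected products must be checked against the ICSA-24-135-04 version matrix.
$FixedVersions = @{
    'CPU Module Logging Configuration Tool' = '1.160S'
    'GX Works3'                             = '1.110Q'
    'GX Works2'                             = '1.625B'
}

# Assumption: versions look like "1.160S"; a larger numeric part, or the same
# numeric part with a later letter, is the newer build. Parse to a comparable key.
function ConvertTo-MeVersionKey {
    param([string]$Version)
    if ($Version -match '^(\d+)\.(\d+)([A-Z]?)$') {
        $letter = if ($Matches[3]) { [int][char]$Matches[3] } else { 0 }
        return [int]$Matches[1], [int]$Matches[2], $letter
    }
    return $null
}

function Test-MeVersionBelow {
    param([string]$Installed, [string]$Fixed)
    $a = ConvertTo-MeVersionKey $Installed
    $b = ConvertTo-MeVersionKey $Fixed
    if (-not $a -or -not $b) { return $true }   # unparseable: treat as needing review
    for ($i = 0; $i -lt 3; $i++) {
        if ($a[$i] -lt $b[$i]) { return $true }
        if ($a[$i] -gt $b[$i]) { return $false }
    }
    return $false
}

# 1. Inventory: uninstall entries (64-bit and WOW6432Node) from Mitsubishi Electric.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$Installed = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.Publisher -like '*Mitsubishi Electric*' } |
    Select-Object DisplayName, DisplayVersion, Publisher, InstallDate

foreach ($app in $Installed) {
    $status = 'check advisory version matrix'
    foreach ($name in $FixedVersions.Keys) {
        if ($app.DisplayName -like "*$name*") {
            $status = if (Test-MeVersionBelow $app.DisplayVersion $FixedVersions[$name]) {
                "UPDATE NEEDED (fixed in $($FixedVersions[$name]) or later)"
            } else { 'patched' }
        }
    }
    [pscustomobject]@{ Product = $app.DisplayName; Version = $app.DisplayVersion; Status = $status }
}

# 2. Monitoring: bugcheck records written to the System log after a blue screen
#    (Event ID 1001, shown as source "BugCheck"; provider name as used by Get-WinEvent).
#    Repeated entries on a workstation running affected software warrant investigation.
Get-WinEvent -FilterHashtable @{
    LogName      = 'System'
    ProviderName = 'Microsoft-Windows-WER-SystemErrorReporting'
    Id           = 1001
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
```

Run it from an elevated prompt on each engineering workstation and feed the "UPDATE NEEDED" and "check advisory version matrix" rows into the patching tracker; the bugcheck listing is a starting point for the crash-monitoring bullet and can be forwarded to a SIEM with the same filter.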

Evidence notes

CVE description and affected product list derived from CISA CSAF advisory ICSA-24-135-04. CVSS 3.1 score of 4.4 (MEDIUM) with vector AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H. Advisory revision history shows six updates from initial publication through 2026-01-15, with Update E specifically adding version information to affected product and mitigation sections.

Official resources

2024-05-14