PatchSiren cyber security CVE debrief
CVE-2024-22102 Mitsubishi Electric CVE debrief
CVE-2024-22102 is a local denial-of-service vulnerability affecting 37 Mitsubishi Electric FA engineering software products. If malicious code executes on a computer where affected software is installed, a local attacker can trigger a Windows blue screen error, resulting in denial-of-service. The vulnerability was published on May 14, 2024, and most recently updated on January 15, 2026 (Update E), which added version information to the affected product and mitigation sections. The CVSS 3.1 score is 4.4 (Medium), with vector AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H. No CISA KEV listing exists. The vulnerability requires local access, high attack complexity, low privileges, and user interaction, with no impact to confidentiality or integrity but high availability impact.
- Vendor: Mitsubishi Electric
- Product: CPU Module Logging Configuration Tool
- CVSS: MEDIUM 4.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-05-14
- Original CVE updated: 2026-01-15
- Advisory published: 2024-05-14
- Advisory updated: 2026-01-15
Who should care
Industrial control system operators, manufacturing security teams, OT security engineers, and organizations using Mitsubishi Electric FA engineering software for PLC programming, HMI development, or motion control configuration.
Technical summary
CVE-2024-22102 affects 37 Mitsubishi Electric FA engineering software products and has a CVSS 3.1 score of 4.4 (Medium). The vulnerability allows a local attacker with low privileges to cause a Windows blue screen denial-of-service through malicious code execution. The attack requires high complexity and user interaction. There is no confidentiality or integrity impact; the availability impact is high. Vendor fixes are available for multiple products, each with a specific version threshold; some products require contacting the vendor for assistance.
Defensive priority
medium
Recommended defensive actions
- Inventory all Mitsubishi Electric FA engineering software installations and compare against affected product list with specific version thresholds
- Apply vendor-provided updates to affected products: CPU Module Logging Configuration Tool to 1.160S+, CSGL to 2.6+, CW Configurator to 1.020W+, Data Transfer to 3.59M+, Data Transfer Classic to 1.01B+, EZSocket to 5.A+, FR Configurator2 to 1.33K+, GT SoftGOT1000 Version3 to 3.315D+, GT SoftGOT2000 Version1 to 1.320J+, GX LogViewer to 1.160S+, GX Works2 to 1.625B+, GX Works3 to 1.110Q+, MR Configurator2 to 1.155M+
- For products without specific fixes (FR Configurator SW3, GX Developer, MI Configurator, MR Configurator, MX OPC Server DA/UA), contact Mitsubishi Electric place of purchase for assistance
- Consider migration from GENESIS64 and ICONICS Suite to GENESIS version 11 or later as successor product
- Implement application whitelisting and execution controls on engineering workstations to prevent unauthorized code execution
- Restrict local access to engineering workstations running affected software
- Monitor for unexpected Windows system crashes or blue screen events on affected systems
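The inventory comparison in the first two actions can be scripted. The following is an added example, not code from the advisory or from Mitsubishi Electric: it checks a constructed inventory against the thresholds listed above. It assumes version strings have the form digits.digits plus an optional letter, compared numerically with the letter as tie-breaker; host names and installed versions are invented, and EZSocket (threshold 5.A) is left to manual review because it does not fit that pattern.

```python
import re

# Fixed-version thresholds copied from the update list above.
FIXED = {
    "CPU Module Logging Configuration Tool": "1.160S",
    "CSGL": "2.6", "CW Configurator": "1.020W",
    "Data Transfer": "3.59M", "Data Transfer Classic": "1.01B",
    "FR Configurator2": "1.33K", "GT SoftGOT1000 Version3": "3.315D",
    "GT SoftGOT2000 Version1": "1.320J", "GX LogViewer": "1.160S",
    "GX Works2": "1.625B", "GX Works3": "1.110Q",
    "MR Configurator2": "1.155M",
}
# Products the list above names as having no specific fix.
NO_FIX = {"FR Configurator SW3", "GX Developer", "MI Configurator",
          "MR Configurator", "MX OPC Server DA/UA"}

def parse(version):
    # Assumed format: <major>.<minor digits><optional letter>, e.g. 1.160S
    m = re.fullmatch(r"(\d+)\.(\d+)([A-Z]?)", version.strip().upper())
    return (int(m[1]), m[2], m[3]) if m else None

def assess(product, installed):
    if product in NO_FIX:
        return "contact-vendor"
    fixed = FIXED.get(product)
    have = parse(installed)
    if fixed is None or have is None:
        return "manual-review"      # unknown product or unparseable version
    need = parse(fixed)
    # A different minor-digit width means the numeric compare is unreliable.
    if have[0] == need[0] and len(have[1]) != len(need[1]):
        return "manual-review"
    key = lambda p: (p[0], int(p[1]), p[2])
    return "ok" if key(have) >= key(need) else "update"

# Constructed inventory: (host, product, installed version)
INVENTORY = [
    ("ews-01", "GX Works3", "1.105K"),
    ("ews-01", "GX Works2", "1.625B"),
    ("ews-02", "GX Developer", "8.506C"),
    ("ews-02", "Data Transfer", "3.6"),
    ("ews-03", "EZSocket", "5.9"),
]

def report(inventory):
    return [(h, p, v, assess(p, v)) for h, p, v in inventory]

if __name__ == "__main__":
    for row in report(INVENTORY):
        print("{:8} {:16} {:8} {}".format(*row))
```

Anything reported as manual-review should be checked by hand against the vendor advisory rather than treated as patched.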
Evidence notes
Source: CISA CSAF advisory ICSA-24-135-04. CVSS 3.1 vector confirmed as AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H. Affected product count: 37 products across Mitsubishi Electric's FA engineering software portfolio.
Official resources
- CVE-2024-22102 CVE record (CVE.org)
- CVE-2024-22102 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Mitsubishi Electric disclosed this vulnerability through CISA ICS advisory ICSA-24-135-04, with multiple updates through January 2026 refining affected version information.