Mitsubishi Electric Europe B.V. CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Mitsubishi Electric Europe B.V. CVE published 2025-04-15

CVE-2025-3232

CVE-2025-3232 is a high-severity issue in Mitsubishi Electric Europe B.V. smartRTU that can let a remote unauthenticated attacker bypass authentication through a specific API route and execute arbitrary OS commands. The advisory applies to smartRTU versions up to 3.37. Mitsubishi Electric recommends network-level controls such as VPNs, firewalls, LAN-only use, trusted-network access, and WAF filtering to [truncated]

CRITICAL Mitsubishi Electric Europe B.V. CVE published 2025-04-15

CVE-2025-3128

CVE-2025-3128 is a critical vulnerability in Mitsubishi Electric Europe B.V. smartRTU affecting versions <=3.37. According to the CISA CSAF advisory, a remote attacker who has bypassed authentication could execute arbitrary OS commands, leading to disclosure, tampering, destruction, deletion of information, or denial of service.