{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T10:55:36.662","vulnerabilities":[{"cve":{"id":"CVE-2022-33316","sourceIdentifier":"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp","published":"2022-07-20T17:15:08.217","lastModified":"2026-01-09T06:15:58.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric MC Works64 versions 4.04E and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious XAML codes."},{"lang":"es","value":"Una vulnerabilidad de Deserialización de Datos No Confiables en ICONICS GENESIS64 versiones 10.97.1 y anteriores y Mitsubishi Electric MC Works64 versiones 4.04E (10.95.210.01) y anteriores permite a un atacante no autenticado ejecutar un código malicioso arbitrario al conllevar a un usuario a cargar un archivo de pantalla de monitoreo que incluye códigos XAML maliciosos"}],"metrics":{"cvssMetricV31":[{"source":"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iconics:genesis64:10.97:*:*:*:*:*:*:*","matchCriteriaId":"44D3F652-C916-4395-BD11-AECDDF960D45"},{"vulnerable":true,"criteria":"cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*","matchCriteriaId":"6D89798E-910C-4C3F-9385-D9B7CA921091"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:*","versionEndIncluding":"10.95.210.01","matchCriteriaId":"F44C63DD-663E-4505-8586-D4BCAB01AF73"}]}]}],"references":[{"url":"https://jvn.jp/vu/JVNVU96480474/index.html","source":"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04","source":"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf","source":"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp","tags":["Third Party Advisory"]},{"url":"https://jvn.jp/vu/JVNVU96480474/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}