cbcvebase.
CVE-2020-12007
published 2020-07-16

CVE-2020-12007: A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a…

PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.94%
89.1th percentile
A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; ICONICS GenBroker32 version 9.5 and prior.

Affected

6 ranges
VendorProductVersion rangeFixed in
iconicsgenbroker32
mitsubishi_electricmc_works32
mitsubishi_electricmc_works64
mitsubishi_electricmc_works64
mitsubishielectricmc_works<= 10.95.208.31
mitsubishielectricmc_works32

Detection & IOCsextracted from sources · hover to see the quote

  • Target the GENESIS64 FrameWorX Server and MC Works64 FrameWorX Server components — a specially crafted communication packet triggers deserialization of untrusted data (CWE-502) enabling RCE and DoS
  • Monitor for specially crafted inbound network packets targeting MC Works64 FrameWorX Server; the attack vector is network (AV:N), no authentication required (PR:N), no user interaction (UI:N), low attack complexity (AC:L)
  • Alert on unexpected process crashes or denial-of-service conditions on FrameWorX Server processes in ICONICS GENESIS64 (v10.96 and prior) and Mitsubishi Electric MC Works64 (v4.02C / 10.95.208.31 and earlier)
  • ·No known public exploits exist for this vulnerability at time of advisory publication; exploitation requires a high skill level
  • ·Affected versions span multiple product lines: GENESIS64 (GenBroker64, Platform Services, Workbench, FrameWorX Server v10.96 and prior) and GENESIS32 (GenBroker32 v9.5 and prior), as well as MC Works64 v4.02C (10.95.208.31) and earlier and MC Works32 v3.00A (9.50.255.02) — ensure detection scope covers all variants

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.