CVE-2024-1574: CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') in Mitsubishi Electric Iconics Digital Solutions GENESIS64
CVE-2024-1574 is a medium severity vulnerability in Mitsubishi Electric Iconics Digital Solutions GENESIS64 and related products, caused by unsafe reflection due to externally-controlled input in the licensing feature. It affects versions 10. 97 to 10. 97. 2 and several other related products. A local attacker with low privileges can exploit this by tampering with an unprotected file to execute malicious code with administrative privileges. The vulnerability impacts confidentiality, integrity, and availability, but requires local access and user interaction, with high attack complexity. No known exploits are currently reported in the wild. European organizations using these industrial automation and SCADA solutions should prioritize patching and hardening local access controls to mitigate risk. Countries with significant industrial automation sectors and Mitsubishi Electric customer bases, such as Germany, France, Italy, and the UK, are most likely to be affected.
AI Analysis
Technical Summary
CVE-2024-1574 is a vulnerability classified under CWE-470 (Use of Externally-Controlled Input to Select Classes or Code, also known as unsafe reflection) affecting Mitsubishi Electric Iconics Digital Solutions products, including GENESIS64 versions 10.97 to 10.97.2, GENESIS32, BizViz, and MC Works64. The flaw resides in the licensing feature where an attacker with local access can manipulate a specific file that is not adequately protected by the system. This manipulation allows the attacker to influence the reflection mechanism to load and execute arbitrary code with administrative privileges. The vulnerability requires local access, low privileges, and user interaction, with a high attack complexity, making remote exploitation unlikely without prior access. The CVSS v3.1 score is 6.7 (medium severity), reflecting the significant impact on confidentiality, integrity, and availability if exploited. The vulnerability affects critical industrial control system (ICS) software widely used in SCADA and automation environments, potentially allowing attackers to gain full control over affected systems. No patches or exploits are currently publicly available, but the risk remains due to the critical nature of the affected software in industrial environments.
Potential Impact
The impact on European organizations is substantial given the widespread use of Mitsubishi Electric Iconics products in industrial automation, manufacturing, energy, and critical infrastructure sectors. Exploitation could lead to unauthorized administrative control over ICS and SCADA systems, resulting in data breaches, operational disruption, sabotage, or safety incidents. Confidentiality is at risk as attackers could access sensitive operational data; integrity is compromised by the ability to execute arbitrary code and alter system behavior; availability could be affected by disruption or destruction of control processes. The requirement for local access limits the attack surface but insider threats or compromised endpoints could facilitate exploitation. The vulnerability poses a significant risk to critical infrastructure operators and manufacturing plants across Europe, potentially impacting supply chains and national security.
Mitigation Recommendations
Organizations should immediately audit and restrict local access to systems running affected Mitsubishi Electric Iconics products, enforcing strict access controls and monitoring for suspicious file modifications. Implement application whitelisting and integrity verification on critical files related to licensing features to prevent tampering. Deploy endpoint detection and response (EDR) solutions to detect anomalous behavior indicative of exploitation attempts. Although no official patches are currently available, organizations should engage with Mitsubishi Electric for updates and apply patches as soon as they are released. Network segmentation should isolate ICS environments from general IT networks to reduce the risk of lateral movement. Conduct user training to minimize risky behaviors that could lead to local compromise. Regularly back up system configurations and critical data to enable recovery in case of an incident.
Affected Countries
Germany, France, Italy, United Kingdom, Netherlands, Belgium, Sweden
CVE-2024-1574: CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') in Mitsubishi Electric Iconics Digital Solutions GENESIS64
Description
CVE-2024-1574 is a medium severity vulnerability in Mitsubishi Electric Iconics Digital Solutions GENESIS64 and related products, caused by unsafe reflection due to externally-controlled input in the licensing feature. It affects versions 10. 97 to 10. 97. 2 and several other related products. A local attacker with low privileges can exploit this by tampering with an unprotected file to execute malicious code with administrative privileges. The vulnerability impacts confidentiality, integrity, and availability, but requires local access and user interaction, with high attack complexity. No known exploits are currently reported in the wild. European organizations using these industrial automation and SCADA solutions should prioritize patching and hardening local access controls to mitigate risk. Countries with significant industrial automation sectors and Mitsubishi Electric customer bases, such as Germany, France, Italy, and the UK, are most likely to be affected.
AI-Powered Analysis
Technical Analysis
CVE-2024-1574 is a vulnerability classified under CWE-470 (Use of Externally-Controlled Input to Select Classes or Code, also known as unsafe reflection) affecting Mitsubishi Electric Iconics Digital Solutions products, including GENESIS64 versions 10.97 to 10.97.2, GENESIS32, BizViz, and MC Works64. The flaw resides in the licensing feature where an attacker with local access can manipulate a specific file that is not adequately protected by the system. This manipulation allows the attacker to influence the reflection mechanism to load and execute arbitrary code with administrative privileges. The vulnerability requires local access, low privileges, and user interaction, with a high attack complexity, making remote exploitation unlikely without prior access. The CVSS v3.1 score is 6.7 (medium severity), reflecting the significant impact on confidentiality, integrity, and availability if exploited. The vulnerability affects critical industrial control system (ICS) software widely used in SCADA and automation environments, potentially allowing attackers to gain full control over affected systems. No patches or exploits are currently publicly available, but the risk remains due to the critical nature of the affected software in industrial environments.
Potential Impact
The impact on European organizations is substantial given the widespread use of Mitsubishi Electric Iconics products in industrial automation, manufacturing, energy, and critical infrastructure sectors. Exploitation could lead to unauthorized administrative control over ICS and SCADA systems, resulting in data breaches, operational disruption, sabotage, or safety incidents. Confidentiality is at risk as attackers could access sensitive operational data; integrity is compromised by the ability to execute arbitrary code and alter system behavior; availability could be affected by disruption or destruction of control processes. The requirement for local access limits the attack surface but insider threats or compromised endpoints could facilitate exploitation. The vulnerability poses a significant risk to critical infrastructure operators and manufacturing plants across Europe, potentially impacting supply chains and national security.
Mitigation Recommendations
Organizations should immediately audit and restrict local access to systems running affected Mitsubishi Electric Iconics products, enforcing strict access controls and monitoring for suspicious file modifications. Implement application whitelisting and integrity verification on critical files related to licensing features to prevent tampering. Deploy endpoint detection and response (EDR) solutions to detect anomalous behavior indicative of exploitation attempts. Although no official patches are currently available, organizations should engage with Mitsubishi Electric for updates and apply patches as soon as they are released. Network segmentation should isolate ICS environments from general IT networks to reduce the risk of lateral movement. Conduct user training to minimize risky behaviors that could lead to local compromise. Regularly back up system configurations and critical data to enable recovery in case of an incident.
Affected Countries
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Mitsubishi
- Date Reserved
- 2024-02-16T01:30:45.960Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 695f9d8ec901b06321e41284
Added to database: 1/8/2026, 12:05:34 PM
Last enriched: 1/15/2026, 12:43:46 PM
Last updated: 2/8/2026, 2:02:36 AM
Views: 61
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-2209: Improper Authorization in WeKan
MediumCVE-2026-2208: Missing Authorization in WeKan
MediumCVE-2026-2207: Information Disclosure in WeKan
MediumCVE-2026-2206: Improper Access Controls in WeKan
MediumCVE-2026-2205: Information Disclosure in WeKan
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.