CVE-2024-8300: CWE-561 Dead Code in Mitsubishi Electric Corporation GENESIS64
Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
AI Analysis
Technical Summary
CVE-2024-8300 is a vulnerability classified under CWE-561 (Dead Code) found in Mitsubishi Electric Corporation's GENESIS64 and ICONICS Suite products, specifically versions 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2, and 10.97.3. The flaw arises from dead or unused code that can be manipulated by a local authenticated attacker to execute arbitrary malicious code. The attack vector involves tampering with a specially crafted Dynamic Link Library (DLL) file that the affected software loads. Because the attacker must have local access with low privileges, the attack complexity is high, but no user interaction is required. Successful exploitation can compromise confidentiality, integrity, and availability by disclosing sensitive information, modifying or destroying data, or causing denial of service conditions. The vulnerability affects critical industrial control and SCADA systems used in automation environments, which rely on GENESIS64 and ICONICS Suite for monitoring and control. No public exploits are known at this time, but the potential impact on industrial operations is significant. The CVSS v3.1 score is 7.0, reflecting high severity due to the broad impact on data and system availability despite the requirement for local access and higher attack complexity.
Potential Impact
For European organizations, especially those in manufacturing, energy, utilities, and critical infrastructure sectors, this vulnerability poses a significant risk. GENESIS64 and ICONICS Suite are widely used in industrial automation and SCADA systems, which are integral to operational technology (OT) environments. Exploitation could lead to unauthorized disclosure of sensitive operational data, manipulation or destruction of control commands, and disruption of industrial processes through denial of service. This could result in operational downtime, safety hazards, financial losses, and damage to reputation. Given the critical nature of these systems, even localized attacks could have cascading effects on supply chains and essential services. The requirement for local authenticated access means insider threats or attackers who gain initial footholds via other means could leverage this vulnerability to escalate privileges or cause significant damage.
Mitigation Recommendations
European organizations should implement strict access controls to limit local access to systems running GENESIS64 and ICONICS Suite. Employing multi-factor authentication and role-based access control can reduce the risk of unauthorized local access. Integrity verification mechanisms such as cryptographic checksums or digital signatures should be used to detect tampering with DLL files. Network segmentation and isolation of OT environments from corporate IT networks can limit attacker movement. Monitoring and logging of local file changes and suspicious activities should be enhanced. Organizations should stay alert for patches or updates from Mitsubishi Electric and apply them promptly once released. Additionally, conducting regular security audits and penetration testing focused on local privilege escalation vectors can help identify and remediate weaknesses before exploitation occurs.
Affected Countries
Germany, France, Italy, United Kingdom, Spain, Netherlands, Belgium, Sweden
CVE-2024-8300: CWE-561 Dead Code in Mitsubishi Electric Corporation GENESIS64
Description
Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3 allows a local authenticated attacker to execute a malicious code by tampering with a specially crafted DLL. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.
AI-Powered Analysis
Technical Analysis
CVE-2024-8300 is a vulnerability classified under CWE-561 (Dead Code) found in Mitsubishi Electric Corporation's GENESIS64 and ICONICS Suite products, specifically versions 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2, and 10.97.3. The flaw arises from dead or unused code that can be manipulated by a local authenticated attacker to execute arbitrary malicious code. The attack vector involves tampering with a specially crafted Dynamic Link Library (DLL) file that the affected software loads. Because the attacker must have local access with low privileges, the attack complexity is high, but no user interaction is required. Successful exploitation can compromise confidentiality, integrity, and availability by disclosing sensitive information, modifying or destroying data, or causing denial of service conditions. The vulnerability affects critical industrial control and SCADA systems used in automation environments, which rely on GENESIS64 and ICONICS Suite for monitoring and control. No public exploits are known at this time, but the potential impact on industrial operations is significant. The CVSS v3.1 score is 7.0, reflecting high severity due to the broad impact on data and system availability despite the requirement for local access and higher attack complexity.
Potential Impact
For European organizations, especially those in manufacturing, energy, utilities, and critical infrastructure sectors, this vulnerability poses a significant risk. GENESIS64 and ICONICS Suite are widely used in industrial automation and SCADA systems, which are integral to operational technology (OT) environments. Exploitation could lead to unauthorized disclosure of sensitive operational data, manipulation or destruction of control commands, and disruption of industrial processes through denial of service. This could result in operational downtime, safety hazards, financial losses, and damage to reputation. Given the critical nature of these systems, even localized attacks could have cascading effects on supply chains and essential services. The requirement for local authenticated access means insider threats or attackers who gain initial footholds via other means could leverage this vulnerability to escalate privileges or cause significant damage.
Mitigation Recommendations
European organizations should implement strict access controls to limit local access to systems running GENESIS64 and ICONICS Suite. Employing multi-factor authentication and role-based access control can reduce the risk of unauthorized local access. Integrity verification mechanisms such as cryptographic checksums or digital signatures should be used to detect tampering with DLL files. Network segmentation and isolation of OT environments from corporate IT networks can limit attacker movement. Monitoring and logging of local file changes and suspicious activities should be enhanced. Organizations should stay alert for patches or updates from Mitsubishi Electric and apply them promptly once released. Additionally, conducting regular security audits and penetration testing focused on local privilege escalation vectors can help identify and remediate weaknesses before exploitation occurs.
Affected Countries
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Mitsubishi
- Date Reserved
- 2024-08-29T06:26:41.397Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 6960b131ecefc3cd7c0f7d2c
Added to database: 1/9/2026, 7:41:37 AM
Last enriched: 1/9/2026, 7:56:00 AM
Last updated: 1/9/2026, 11:08:05 PM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-15501: OS Command Injection in Sangfor Operation and Maintenance Management System
CriticalCVE-2026-22584: CWE-94 Improper Control of Generation of Code ('Code Injection') in Salesforce Uni2TS
HighCVE-2025-62487: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. in Palantir com.palantir.acme:gotham-default-apps-bundle
LowCVE-2025-46299: Processing maliciously crafted web content may disclose internal states of the app in Apple tvOS
MediumCVE-2025-46298: Processing maliciously crafted web content may lead to an unexpected process crash in Apple tvOS
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.