CVE-2025-0921: CWE-250 Execution with Unnecessary Privileges in Mitsubishi Electric Corporation GENESIS64
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
AI Analysis
Technical Summary
CVE-2025-0921 is an execution with unnecessary privileges vulnerability (CWE-250) in multiple Mitsubishi Electric GENESIS64 and related products up to version 10.97.3. The flaw allows a local authenticated attacker to create symbolic links from files that the affected services write to, redirecting writes to arbitrary files. This unauthorized write capability can destroy important files on the PC, causing denial-of-service conditions if those files are essential for operation. The vulnerability requires local authentication and low attack complexity. The CVSS 3.1 base score is 6.5 (medium severity), reflecting no confidentiality or availability impact but high integrity impact. A patch is available from the vendor.
Potential Impact
An attacker with local authenticated access can exploit this vulnerability to overwrite or destroy arbitrary files by leveraging symbolic links. This can result in denial-of-service conditions on the affected PC if critical files are damaged. There is no direct confidentiality or availability impact reported. No known exploits are currently in the wild.
Mitigation Recommendations
A patch is available from Mitsubishi Electric Corporation to remediate this vulnerability. It is recommended to apply the official fix promptly to prevent exploitation. Since this vulnerability requires local authenticated access, limiting local user privileges and access can reduce risk until patched. No additional vendor advisory content was provided; check Mitsubishi Electric's official security advisories for the patch and detailed remediation instructions.
CVE-2025-0921: CWE-250 Execution with Unnecessary Privileges in Mitsubishi Electric Corporation GENESIS64
Description
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric AnalytiX versions 10.97.3 and prior, Mitsubishi Electric IoTWorX version 10.95, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric BizViz all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS versions 11.00, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions AnalytiX versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions IoTWorX version 10.95, Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions, Mitsubishi Electric Iconics Digital Solutions BizViz all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS versions 11.00 allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-0921 is an execution with unnecessary privileges vulnerability (CWE-250) in multiple Mitsubishi Electric GENESIS64 and related products up to version 10.97.3. The flaw allows a local authenticated attacker to create symbolic links from files that the affected services write to, redirecting writes to arbitrary files. This unauthorized write capability can destroy important files on the PC, causing denial-of-service conditions if those files are essential for operation. The vulnerability requires local authentication and low attack complexity. The CVSS 3.1 base score is 6.5 (medium severity), reflecting no confidentiality or availability impact but high integrity impact. A patch is available from the vendor.
Potential Impact
An attacker with local authenticated access can exploit this vulnerability to overwrite or destroy arbitrary files by leveraging symbolic links. This can result in denial-of-service conditions on the affected PC if critical files are damaged. There is no direct confidentiality or availability impact reported. No known exploits are currently in the wild.
Mitigation Recommendations
A patch is available from Mitsubishi Electric Corporation to remediate this vulnerability. It is recommended to apply the official fix promptly to prevent exploitation. Since this vulnerability requires local authenticated access, limiting local user privileges and access can reduce risk until patched. No additional vendor advisory content was provided; check Mitsubishi Electric's official security advisories for the patch and detailed remediation instructions.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Mitsubishi
- Date Reserved
- 2025-01-31T01:50:57.976Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682cd0f91484d88663aebed2
Added to database: 5/20/2025, 6:59:05 PM
Last enriched: 4/17/2026, 11:51:11 AM
Last updated: 5/8/2026, 3:04:34 PM
Views: 79
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.