
CVE-2025-10314: CWE-276 Incorrect Default Permissions in Mitsubishi Electric Corporation FREQSHIP-mini for Windows

Severity: High
Type: Vulnerability
Tags: CVE-2025-10314, cve, cve-2025-10314, cwe-276
Published: Thu Feb 05 2026 (02/05/2026, 03:07:55 UTC)
Source: CVE Database V5
Vendor/Project: Mitsubishi Electric Corporation
Product: FREQSHIP-mini for Windows

Description

CVE-2025-10314 is a high-severity vulnerability in Mitsubishi Electric Corporation's FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2. It arises from incorrect default permissions on service executable files and DLLs, allowing a local attacker with limited privileges to replace these files with malicious ones. Exploitation leads to arbitrary code execution with system-level privileges, enabling full control over the affected system, including data disclosure, tampering, deletion, or denial of service. No user interaction is required, and the vulnerability affects confidentiality, integrity, and availability. Although no known exploits are currently in the wild, the vulnerability's severity and potential impact warrant urgent attention. European organizations using FREQSHIP-mini, especially in industrial or manufacturing sectors, are at risk.

AI-Powered Analysis

Last updated: 02/05/2026, 03:29:30 UTC

Technical Analysis

CVE-2025-10314 is a vulnerability classified under CWE-276 (Incorrect Default Permissions) affecting Mitsubishi Electric Corporation's FREQSHIP-mini software for Windows versions 8.0.0 through 8.0.2. The flaw stems from the software's installation directory having overly permissive default permissions on critical service executable files (EXE) and dynamic link libraries (DLLs). This misconfiguration allows a local attacker with limited privileges (low-level user) to replace legitimate service executables or DLLs with specially crafted malicious files. Because these services run with system-level privileges, the attacker can execute arbitrary code with the highest system rights. The impact includes the ability to disclose sensitive information, modify or destroy data, and cause denial of service conditions by disrupting the service's normal operation. The vulnerability does not require user interaction and has a CVSS v3.1 base score of 8.8, indicating high severity. The scope is complete as the attacker can affect system-wide components. Although no public exploits are reported yet, the vulnerability's nature makes it a critical risk for environments where FREQSHIP-mini is deployed, particularly in industrial control or manufacturing settings where Mitsubishi Electric products are common. The vulnerability highlights the importance of secure default permissions and the risks posed by local privilege escalation vectors in critical infrastructure software.

Potential Impact

For European organizations, especially those in manufacturing, industrial automation, and critical infrastructure sectors that utilize Mitsubishi Electric's FREQSHIP-mini software, this vulnerability poses a significant risk. Successful exploitation can lead to full system compromise, allowing attackers to steal sensitive operational data, manipulate manufacturing processes, or disrupt production lines through denial of service. This could result in financial losses, operational downtime, intellectual property theft, and potential safety hazards. Given the software runs on Windows systems, the attack surface includes any local user accounts, including those with limited privileges, increasing the risk from insider threats or compromised user accounts. The high severity and system-level impact make this vulnerability particularly dangerous in environments where uptime and data integrity are critical. Additionally, the potential for tampering with industrial control software could have cascading effects on supply chains and critical services within Europe.

Mitigation Recommendations

1. Immediately audit and restrict file system permissions on the FREQSHIP-mini installation directories to ensure only trusted administrators have write access to service executables and DLLs.
2. Implement application whitelisting to prevent unauthorized executable or DLL replacements.
3. Monitor file integrity using host-based intrusion detection systems (HIDS) to detect unauthorized changes to critical files.
4. Limit local user privileges to the minimum necessary, avoiding unnecessary local accounts with write access to installation paths.
5. Deploy endpoint protection solutions capable of detecting and blocking unauthorized code execution attempts.
6. Coordinate with Mitsubishi Electric for official patches or updates addressing this vulnerability and apply them promptly once available.
7. Conduct regular security training for staff to recognize and report suspicious local activity.
8. Isolate systems running FREQSHIP-mini from less trusted networks to reduce the risk of local exploitation.
9. Review and harden Windows service configurations to prevent unauthorized service modifications.
10. Maintain comprehensive logging and alerting to facilitate rapid incident response in case of exploitation attempts.
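
One way to carry out the permission audit in recommendation 1, as an added example that is not code from Mitsubishi Electric or from this page's source. `$InstallDir` is a placeholder because the page does not give the installation path, and the list of trusted SIDs is an assumption to adjust per site.

```powershell
# Added example (not vendor code): list ACEs that let non-administrative
# principals replace service binaries under an install directory.
# $InstallDir is a placeholder; the page does not give the FREQSHIP-mini path.
param([Parameter(Mandatory)][string]$InstallDir)

# Bits that allow replacing a file, adding one to a folder, or rewriting the ACL.
$rights    = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Also catch unmapped GENERIC_ALL (0x10000000) and GENERIC_WRITE (0x40000000).
$writeMask = [int]$rights -bor 0x10000000 -bor 0x40000000

# Assumed trusted writers: SYSTEM, BUILTIN\Administrators, TrustedInstaller.
$trusted = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)

# Audit the folder tree plus every EXE and DLL inside it.
$targets = @(Get-Item -LiteralPath $InstallDir) +
           @(Get-ChildItem -LiteralPath $InstallDir -Recurse -Force |
               Where-Object { $_.PSIsContainer -or $_.Extension -in '.exe', '.dll' })

$findings = foreach ($item in $targets) {
    foreach ($ace in (Get-Acl -LiteralPath $item.FullName).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs do not apply to the object itself.
        if ($ace.PropagationFlags.HasFlag([System.Security.AccessControl.PropagationFlags]::InheritOnly)) { continue }
        if (-not ([int]$ace.FileSystemRights -band $writeMask)) { continue }
        try {
            $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            $sid = $ace.IdentityReference.Value   # unresolvable account: report as-is
        }
        if ($sid -in $trusted) { continue }
        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Sort-Object Path, Principal | Format-Table -AutoSize -Wrap
if ($findings) { Write-Warning "$(@($findings).Count) write-capable ACE(s) held by non-administrative principals." }
```

Any row whose principal is a broad group such as Users, Authenticated Users or Everyone marks a file or folder where the replacement described in the analysis is possible; rows with `Inherited = True` are fixed on the parent folder rather than on the file.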


Technical Details

Data Version: 5.2
Assigner Short Name: Mitsubishi
Date Reserved: 2025-09-12T00:24:58.194Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69840b3cf9fa50a62fd8cac3

Added to database: 2/5/2026, 3:15:08 AM

Last enriched: 2/5/2026, 3:29:30 AM

Last updated: 2/5/2026, 4:50:01 AM
