← Volver a CVEs
CVE-2025-3784
MEDIUM5.5
Descripcion
Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential information, and obtain or modify project information.
Detalles CVE
Puntuacion CVSS v3.15.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado11/27/2025
Ultima modificacion12/8/2025
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-312
Referencias
https://jvn.jp/vu/JVNVU95288056/(Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp)
https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-01(Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp)
https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-016_en.pdf(Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.