cve/2022/CVE-2022-29832.md

### [CVE-2022-29832](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29832)
![](https://img.shields.io/static/v1?label=Product&message=GX%20Developer&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=GX%20Works2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=GX%20Works3&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.015R%20and%20later%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%208.40S%20and%20later%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20all%20versions%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-316%20Cleartext%20Storage%20of%20Sensitive%20Information%20in%20Memory&color=brighgreen)

### Description

Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting.

### POC

#### Reference
- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2022-29832](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29832)`
			`![](https://img.shields.io/static/v1?label=Product&message=GX%20Developer&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=GX%20Works2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=GX%20Works3&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%201.015R%20and%20later%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%208.40S%20and%20later%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20all%20versions%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-316%20Cleartext%20Storage%20of%20Sensitive%20Information%20in%20Memory&color=brighgreen)`

			`### Description`

			`Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated users could obtain information about the project file for MELSEC safety CPU modules or project file for MELSEC Q/FX/L series with security setting.`

			`### POC`

			`#### Reference`
			`- https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf`

			`#### Github`
			`No PoCs found on GitHub currently.`