Arbitrary Code Execution via Crafted HTML Document in Mitsubishi Electric Automation MC-WorX Suite 8.02

Arbitrary Code Execution via Crafted HTML Document in Mitsubishi Electric Automation MC-WorX Suite 8.02

CVE-2013-2817 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.

Learn more about our User Device Pen Test.