CVE-2025-11009
Cleartext Credential Storage in Mitsubishi GT Designer3 Enables Unauthorized Access
Publication date: 2025-12-17
Last updated on: 2025-12-17
Assigner: Mitsubishi Electric Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mitsubishi | electric_gt_designer3 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-11009 is an Information Disclosure vulnerability in Mitsubishi Electric's GT Designer3 software for GOT2000 and GOT1000 series. The vulnerability occurs because sensitive user authentication credentials are stored in plaintext within project files. This allows a local unauthenticated attacker who obtains these project files to extract the plaintext credentials, potentially enabling unauthorized operation of the affected devices. [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to obtain plaintext credentials from project files and use them to operate GOT2000 or GOT1000 series devices illegally. This unauthorized access could lead to manipulation or control of these devices without permission. The vulnerability has a high confidentiality impact but does not affect integrity or availability. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting the project files of Mitsubishi Electric GT Designer3 for the presence of plaintext credentials. Since the credentials are stored in cleartext within these project files, you can search for sensitive information by examining the files directly. Specific commands are not provided in the resources, but a general approach would be to use file inspection or text search commands (e.g., grep on Linux or findstr on Windows) to look for credential patterns within the project files. Monitoring network traffic for unauthorized access attempts is also advisable, but no explicit detection commands are given. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: restricting the use of affected GT Designer3 products to trusted LAN environments; blocking remote logins from untrusted networks, hosts, or users; employing firewalls and VPNs when connecting affected PCs to the Internet to prevent unauthorized access; physically restricting access to affected PCs and network devices; installing antivirus software; and avoiding opening untrusted files or clicking on untrusted links. Since no fixed version is planned, these measures help reduce the risk of exploitation. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not explicitly discuss the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability involves cleartext storage of sensitive credentials, it could potentially lead to unauthorized access and information disclosure, which may affect compliance with data protection regulations that require safeguarding sensitive information. No direct statements about compliance impact are given. [1, 2]