Executive Summary

[{'type': 'paragraph', 'content': "CVE-2025-10314 is an Incorrect Default Permissions vulnerability in Mitsubishi Electric's FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2. It allows a local attacker with limited privileges to replace service executable files (EXE) or DLLs in the installation directory with specially crafted malicious files."}, {'type': 'paragraph', 'content': 'By doing this, the attacker can execute arbitrary code with system-level privileges, which means they can run any code they want with the highest level of access on the affected PC.'}, {'type': 'paragraph', 'content': 'This vulnerability arises because the software sets incorrect file permissions during installation, enabling unauthorized file replacement.'}] [1, 2]

Useful 0 Not Useful 0

Impact Analysis

An attacker exploiting this vulnerability can execute arbitrary code with system privileges on the affected PC.

• They may disclose, tamper with, delete, or destroy information stored on the PC.
• They can cause a Denial of Service (DoS) condition, making the system unavailable.

Because the attacker gains system-level access, the impact on confidentiality, integrity, and availability of data and system resources is high.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by verifying the installed version of the FREQSHIP-mini software on the affected Windows system. Users can check the version via the “Ver.” notation on the UPS environment settings screen to determine if it falls within the vulnerable range (versions 8.0.0 to 8.0.2).'}, {'type': 'paragraph', 'content': 'Additionally, detection involves checking the permissions of the service executable files (EXE) or DLLs in the installation directory to see if they have incorrect default permissions that allow replacement by non-administrator users.'}, {'type': 'paragraph', 'content': 'Suggested commands to assist in detection on a Windows system include:'}, {'type': 'list_item', 'content': 'Check the installed version of FREQSHIP-mini via the UPS environment settings or by locating the executable and checking its properties.'}, {'type': 'list_item', 'content': 'Use PowerShell or Command Prompt to check file permissions in the installation directory, for example:'}, {'type': 'list_item', 'content': 'PowerShell: Get-Acl -Path "C:\\Path\\To\\FREQSHIP-mini\\" | Format-List'}, {'type': 'list_item', 'content': 'Command Prompt: icacls "C:\\Path\\To\\FREQSHIP-mini\\"'}, {'type': 'paragraph', 'content': 'These commands help identify if non-administrator users have write or modify permissions on the executable or DLL files, which would indicate vulnerability to exploitation.'}] [1]

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include updating the FREQSHIP-mini software to version 8.1.0 or later, where the vulnerability is fixed.

For systems where updating is not possible (such as Windows Vista, 7, 8, 8.1, or Windows Server 2008), the following mitigations are recommended:

• Restrict the affected PCs to LAN use only to prevent exposure to untrusted networks.
• Block remote logins from untrusted networks, hosts, and non-administrator users.
• Use firewalls or VPNs to prevent unauthorized access.
• Allow remote login only to administrators when internet connectivity is necessary.
• Restrict physical access to the PC and its network.
• Avoid clicking on untrusted email links or attachments.
• Install and maintain antivirus software.

Useful 0 Not Useful 0