Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z, and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.065T allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a result, unauthenticated attackers may obtain information about project files illegally.
Conclusion & alert: CVE-2022-29830 is rated Moderate Risk (63.7/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 1.20%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-04-24 | 1.55% | 1.20% | -0.35% |
| 2 | 2025-12-29 | 0.96% | 1.55% | +0.59% |
| 3 | 2025-12-10 | — | 0.96% | — |
Full EPSS history (19 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 9.1 | 3.1 | CRITICAL |
|
3.9 | 5.2 | [email protected] |
| 9.1 | 3.1 | CRITICAL |
|
3.9 | 5.2 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| mitsubishielectric | gx_works3 | >= 1.000a, <= 1.011m | cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* |
| mitsubishielectric | gx_works3 | >= 1.015r, <= 1.086q | cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* |
| mitsubishielectric | gx_works3 | >= 1.087r | cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://jvn.jp/vu/JVNVU97244961/index.html | Third Party Advisory VDB Entry |
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-05 | |
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-015_en.pdf | Mitigation Vendor Advisory |