CVE-2023-51776

7.8 HIGH

📋 TL;DR

This vulnerability in Jungo WinDriver allows local attackers to escalate privileges and execute arbitrary code due to improper privilege management. It affects systems running WinDriver versions before 12.1.0, primarily impacting industrial control systems and embedded devices that use this driver development toolkit.

💻 Affected Systems

Products:
  • Jungo WinDriver
Versions: All versions before 12.1.0
Operating Systems: Windows, Linux, Embedded systems supported by WinDriver
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems using WinDriver for device driver development, particularly in industrial control systems and embedded devices from various manufacturers.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with administrative privileges, enabling installation of persistent malware, data theft, or disruption of critical industrial processes.

🟠 Likely Case

Local privilege escalation allowing attackers to gain elevated permissions, modify system configurations, or execute malicious code within the context of the vulnerable driver.

🟢 If Mitigated

Limited impact if proper access controls, least privilege principles, and network segmentation are implemented, restricting local access to authorized users only.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local system access, not directly exploitable over the internet.
🏢 Internal Only: HIGH - Local attackers or malware with initial foothold can exploit this to gain elevated privileges and potentially compromise the entire system.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access to the system. The CWE-269 classification suggests improper privilege management that could be exploited through standard local attack vectors.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 12.1.0 and later

Vendor Advisory: https://jungo.com/windriver/versions/

Restart Required: Yes

Instructions:

1. Download WinDriver version 12.1.0 or later from Jungo's website.
2. Uninstall previous versions.
3. Install the updated version.
4. Restart the system.
5. Recompile any custom drivers with the updated toolkit.

🔧 Temporary Workarounds

Restrict local access

all

Limit local user access to systems running vulnerable WinDriver versions to authorized personnel only.

Implement least privilege

all

Run applications and services with minimal necessary privileges to reduce impact of privilege escalation.

🧯 If You Can't Patch

  • Isolate affected systems using network segmentation to prevent lateral movement
  • Implement strict access controls and monitoring for systems running vulnerable WinDriver versions

🔍 How to Verify

Check if Vulnerable:

Check WinDriver version in installed programs list or via vendor documentation. Versions below 12.1.0 are vulnerable.

Check Version:

Check via Windows Programs and Features, or consult vendor documentation for version verification methods.

Verify Fix Applied:

Verify WinDriver version is 12.1.0 or higher after update. Check that custom drivers have been recompiled with the updated toolkit.
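
The installed-programs check described above can be scripted for inventory across Windows hosts. This is an added example, not vendor code; it assumes the WinDriver installer registers an uninstall entry whose DisplayName contains "WinDriver", and the function name Get-WinDriverStatus is hypothetical.

```powershell
# Added example: flag WinDriver installs older than the fixed release 12.1.0.
# Assumption: the uninstall entry's DisplayName contains "WinDriver".
$FixedVersion = [version]'12.1.0'

# Same data that Programs and Features displays (64-bit and 32-bit views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-WinDriverStatus {
    param([string]$DisplayVersion)

    # Use only the leading dotted-numeric part, e.g. "12.0.1 build 5" -> "12.0.1".
    if ($DisplayVersion -match '^\s*(\d+\.\d+(\.\d+)?)') {
        $v = [version]$Matches[1]
        # Treat a missing third component as 0 so "12.1" compares equal to 12.1.0.
        $normalized = [version]::new($v.Major, $v.Minor, [Math]::Max($v.Build, 0))
        if ($normalized -lt $FixedVersion) { return 'Vulnerable' }
        return 'Fixed'
    }
    # Empty or non-numeric version strings need a manual check.
    return 'Unknown'
}

Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*WinDriver*' } |
    ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Get-WinDriverStatus $_.DisplayVersion
        }
    }
```

No output means no matching uninstall entry was found, not that the host is clean. The script covers only the installed toolkit, so custom drivers still need to be confirmed as recompiled with 12.1.0 or later.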

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation events
  • Suspicious driver loading or modification
  • Unauthorized access to driver-related processes

Network Indicators:

  • Unusual outbound connections from systems with WinDriver
  • Lateral movement attempts from WinDriver systems

SIEM Query:

(EventID=4688 OR EventID=4672) AND (ProcessName contains 'windriver' OR ProcessName contains 'wd')
