CVE-2026-36402 | defend.network

CVSSawaiting NVD

ExploitationNo exploitation reported

Triage statusUnder Review

ActionSchedule for next cycle

Affected product

Mitsubishi Electric GENESIS64 & ICONICS Suite

Remediation Steps

Identify all systems running affected GENESIS64 and ICONICS Suite versions
Rotate all SQL Server credentials used by these products immediately
Apply vendor security patches from Mitsubishi Electric
Audit SQL Server access logs for unauthorized credential usage or data access
Implement principle of least privilege for product-specific SQL accounts

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-097-01.json
https://www.mitsubishielectric.com/en/index.html
https://nvd.nist.gov/vuln/detail/CVE-2026-36402

Coverage on defend.network

Vulnerability Priority Report – Week 2 of April 2026 (April 13 – 19)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts