A critical OS command injection vulnerability (CVE-2025-11774) affects Mitsubishi Electric's GENESIS64, ICONICS Suite, MobileHMI, and MC Works64 products. The vulnerability exists in the software keyboard function and could allow attackers to execute arbitrary executable files when legitimate users use the keypad function. Successful exploitation could result in denial-of-service, information tampering, and information disclosure. The vulnerability has a CVSS score of 8.2 (HIGH). Mitsubishi Electric recommends upgrading to GENESIS64 v10.97.3 or higher, or migrating to GENESIS V11. No fix is planned for MC Works64, with users advised to upgrade to GENESIS64.