The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week launched an Industrial Control Systems (ICS) advisory warning of a number of vulnerabilities in Mitsubishi Electric GX Works3 engineering software program.
“Successful exploitation of those vulnerabilities might enable unauthorized customers to achieve entry to the MELSEC iQ-R/F/L collection CPU modules and the MELSEC iQ-R collection OPC UA server module or to view and execute packages,” the company stated.
GX Works3 is an engineering workstation software program utilized in ICS environments, performing as a mechanism for importing and downloading packages from/to the controller, troubleshooting software program and {hardware} points, and performing upkeep operations.
The wide selection of features additionally makes the platform a beautiful goal for menace actors trying to compromise such programs to commandeer the managed PLCs.
Three of the ten shortcomings relate to cleartext storage of delicate information, 4 relate to the usage of a hard-coded cryptographic key, two relate to the usage of a hard-coded password, and one issues a case of insufficiently protected credentials.
The most crucial of the bugs, CVE-2022-25164, and CVE-2022-29830, carry a CVSS rating of 9.1 and could possibly be abused to achieve entry to the CPU module and acquire details about venture recordsdata with out requiring any permissions.
Nozomi Networks, which found CVE-2022-29831 (CVSS rating: 7.5), stated an attacker with entry to a security PLC venture file might exploit the hard-coded password to straight entry the security CPU module and probably disrupt industrial processes.
“Engineering software program represents a essential element within the safety chain of business controllers,” the corporate stated. “Should any vulnerabilities come up in them, adversaries could abuse them to finally compromise the managed gadgets and, consequently, the supervised industrial course of.”
The disclosure comes as CISA revealed particulars of a denial-of-service (DoS) vulnerability in Mitsubishi Electric MELSEC iQ-R Series that stems from a scarcity of correct enter validation (CVE-2022-40265, CVSS rating: 8.6).
“Successful exploitation of this vulnerability might enable a distant unauthenticated attacker to trigger a denial-of-service situation on a goal product by sending specifically crafted packets,” CISA famous.
In a associated growth, the cybersecurity company additional outlined three points impacting Remote Compact Controller (RCC) 972 from Horner Automation, essentially the most essential of which (CVE-2022-2641, CVSS rating: 9.8) might result in distant code execution or trigger a DoS situation.