This week, the US Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Control Systems (ICS) Advisory Alert regarding multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software.

“If these vulnerabilities are exploited, an unauthorized user can access the MELSEC iQ-R/F/L series CPU module and MELSEC iQ-R series OPC UA server module, view and execute programs, etc. There is likely to be” Said.

GX Works3 is Engineering workstation Software used in the ICS environment that serves as the mechanism for uploading and downloading programs to and from the controller, troubleshooting software and hardware problems, and performing maintenance operations.

cyber security

The breadth of capabilities also makes the platform an attractive target for threat actors looking to compromise such systems and take over managed PLCs.

3 of the 10 drawbacks relate to cleartext storage of sensitive data, 4 relate to the use of hardcoded encryption keys, 2 relate to the use of hardcoded passwords, 1 Relevant when credentials are poorly protected.

The most serious bugs are CVE-2022-25164When CVE-2022-29830has a CVSS score of 9.1 and can be exploited to access the CPU module and retrieve information about project files without requiring permissions.

Discovered by Nozomi Networks CVE-2022-29831 (CVSS score: 7.5), said an attacker with access to secure PLC project files could exploit hard-coded passwords to gain direct access to secure CPU modules and disrupt industrial processes.

“Engineering software is a key component in the security chain for industrial controllers. Said“If vulnerabilities develop in them, attackers could exploit them to ultimately compromise managed devices and, in turn, compromise monitored industrial processes.”

Disclosure is made as CISA clearly Details of Mitsubishi Electric MELSEC iQ-R Series Denial of Service (DoS) Vulnerability Due to Lack of Proper Input Validation (CVE-2022-40265CVSS score: 8.6).

“Successfully exploiting this vulnerability could allow a remote, unauthenticated attacker to send specially crafted packets to cause a denial of service condition in the affected product,” CISA noted. I’m here.

In a related deployment, the cybersecurity agency further outlined three issues affecting Horner Automation’s Remote Compact Controller (RCC) 972.CVE-2022-2641CVSS score: 9.8) could lead to remote code execution or a DoS condition.

Did you find this article interesting?Please follow us twitter When LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog