Monday, January 25, 22:56
Home security Defects were found in Mitsubishi automation products

Defects were found in Mitsubishi automation products

Security researchers have discovered some serious defects in its factory automation products Mitsubishi Electric, which could be exploited by malicious agents for remote attacks in organizations.


As he informed last week, the Cybersecurity and Infrastructure Security Agency US (CISA), dozens of Mitsubishi Electric factory automation products, are affected by three defects that can be exploited for escalation of privileges, arbitrary code execution and attacks DoS.

Mitsubishi has already released patches for many of the affected products and also provides mitigation methods for the rest, but also for customers who can not immediately install the updates.

The cybersecurity company, Claroty, was the one who revealed them errors at Mitsubishi in late 2019 and early 2020, as part of the ICS project archive search. In fact, Claroty recently released an open source tool that allows researchers to analyze database files Microsoft Access related to applications SCADA.

The Claroty researcher who discovered these vulnerabilities, Mashav Sapir, said it discovered defects in one of the products, which had been used by a customer, but applauded Mitsubishi for providing a complete list of affected products.

Sapir noted that one of the flaws, the CVE-2020-14523, can be exploited remotely, tricking a user into opening a specially crafted file through a phishing attack.

The intruder could take advantage of this vulnerability to drop a malware executable file on the target system and then exploit the other two errors, CVE-2020-14496 ή CVE-2020-14521 to run this file with enhanced privileges.

"An attacker who manages to exploit these vulnerabilities will gain full access and control over the computer which uses Mitsubishi engineering software ", the researcher explained. "This means that it has full access to both the configuration of ICS devices and the ability to change it at will, as well as full network access to these devices, so it also has the ability to attack them directly. "This means that an attacker could now compromise the operation of the OT environment by modifying it or shutting it down completely without detection."


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement



COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...