Nozomi Networks Labs
Mitsubishi Electric Multiple Factory Automation Engineering Software Products – Advisory (ICSA-20-212-02)
Successful exploitation of this vulnerability may enable the reading of arbitrary files, cause a denial-of-service condition, and allow execution of a malicious binary.
Successful exploitation of this vulnerability could cause a denial-of-service condition in the controller when reading specific memory blocks using Modbus TC, when writing specific physical memory blocks using Modbus TCP, and when reading data with invalid index using Modbus TCP.
Successful exploitation of this vulnerability could cause a denial-of-service condition.
Successful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller).
Successful exploitation of these vulnerabilities could allow a remote attacker to render the web server unavailable and/or place the controller in a major non-recoverable faulted state (MNRF).
Successful exploitation of this vulnerability could result in a denial-of-service condition that could result in a loss of availability of the affected device.
Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution on the device.
Successful exploitation of these vulnerabilities could allow arbitrary code execution, malware injection, or malware to spread to other workstations.
Successful exploitation of these vulnerabilities may allow an attacker with local file write access to manipulate files and cause a denial-of-service-condition, or execute code both on the manipulated installation as well as devices configured using the manipulated installation.
GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi – Advisory (ICSA-18-137-01)
Successful exploitation of this vulnerability could cause the device to reboot and change its state, causing the device to become unavailable.
Successful exploitation of this vulnerability could allow a denial-of-service condition affecting the ability of the device to establish connections to commissioning and service software tools.
Exploitation may possibly cause a halt of Ethernet functionality, requiring a cold start to restore the system as well as communications related to ControlWave Designer access. This can possibly result in a loss of system availability and disruption in communications with other connected devices.
Successful exploitation of this vulnerability may render the device unresponsive requiring a physical reset of the PLC.
Curated and maintained by Nozomi Networks Labs, the Threat Intelligence™ service provides threat and vulnerability updates to Guardian, making it easy for IT/OT professionals to stay on top of current OT and IoT risks.
“Threat actors love finding new ways to attack critical infrastructure. We love finding new ways to detect their malware before damage occurs.”
© 2020 Nozomi Networks, Inc.
All Rights Reserved.