Mitsubishi Electric Electrical Discharge Machines (Update A)

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 9.3 *ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Mitsubishi Electric Corporation
• Equipment: Electrical discharge machines
• Vulnerability: Improper Input Validation

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to disclose, tamper with, destroy, or delete information in the products, or cause a denial-of-service condition on the products.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Mitsubishi Electric reports that the following electrical discharge machines are affected by this vulnerability in Microsoft Message Queuing service:

• Wire-cut EDM MV Series MV1200S D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MV Series MV2400S D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MV Series MV4800S D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MV Series MV1200R D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MV Series MV2400R D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MV Series MV4800R D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MV Series MV1200S D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MV Series MV2400S D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MV Series MV4800S D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MV Series MV1200R D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MV Series MV2400R D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MV Series MV4800R D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MP Series MP1200 D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MP Series MP2400 D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MP Series MP4800 D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MP Series MP1200 D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MP Series MP2400 D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MP Series MP4800 D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MX Series MX900 D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MX Series MX2400 D-CUBES Series Standard system BRD-B60W000: versions B13 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Wire-cut EDM MX Series MX900 D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Wire-cut EDM MX Series MX2400 D-CUBES Series Special system BRD-B63W000 to W036: all versions
• Sinker EDM SV-P Series SV8P D-CUBES Series Standard system BRD-M60W000: versions A12 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Sinker EDM SV-P Series SV12P D-CUBES Series Standard system BRD-M60W000: versions A12 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Sinker EDM SV-P Series SV8P D-CUBES Series Special system BRD-M63W000 to W022: all versions
• Sinker EDM SV-P Series SV12P D-CUBES Series Special system BRD-M63W000 to W022: all versions
• Sinker EDM SG Series SG8 D-CUBES Series Standard system BRD-M60W000: versions A12 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Sinker EDM SG Series SG12 D-CUBES Series Standard system BRD-M60W000: versions A12 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Sinker EDM SG Series SG28 D-CUBES Series Standard system BRD-M60W000: versions A12 and prior, without Special Modification Patch BRD-C62W003-A0 installed
• Sinker EDM SG Series SG8 D-CUBES Series Special system BRD-BRD-M63W000 to W022: all versions
• Sinker EDM SG Series SG12 D-CUBES Series Special system BRD-M63W000 to W022: all versions
• Sinker EDM SG Series SG28 D-CUBES Series Special system BRD-M63W000 to W022: all versions

3.2 Vulnerability Overview

3.2.1Improper Input Validation CWE-20

Remote code execution vulnerability due to Microsoft Message Queuing service on Microsoft Windows exists in electrical discharge machines.

CVE-2023-21554 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

A CVSS v4 score has also been calculated for CVE-2023-21554. A base score of 9.3 has been calculated; the CVSS vector string is (CVSS4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Japan

3.4 RESEARCHER

Mitsubishi Electric reported this vulnerability to CISA.

4. MITIGATIONS

Mitsubishi Electric recommends that users install the Special Modification Patch BRD-C62W003-A0 on their system. For information about how to install the update program, please contact your local service center.

Mitsubishi Electric recommends taking the mitigations listed below to minimize the risk of exploitation of this vulnerability.

• Use a firewall, virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
• Use within a LAN and block access from untrusted networks and hosts through firewalls.
• Restrict physical access to the affected products and to personal computers and network devices that can communicate with them.
• Install anti-virus software on personal computers that can communicate with the affected products.

For specific update instructions and additional details refer to Mitsubishi Electric advisory 2023-022.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

No known public exploitation specifically targeting this vulnerability) has been reported to CISA at this time.

5. UPDATE HISTORY

• February 20, 2024: Initial Publication
• April 23, 2024: (Update A) Added Special Modification Patch BRD-C62W003-A0