Lucene search

K
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_MITSUBISHI_CVE-2021-20598.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Mitsubishi Electric MELSEC iQ-R Series Overly Restrictive Account Lockout Mechanism (CVE-2021-20598)

2022-02-0700:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9

6.7 Medium

AI Score

Confidence

High

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500494);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2021-20598");

  script_name(english:"Mitsubishi Electric MELSEC iQ-R Series Overly Restrictive Account Lockout Mechanism (CVE-2021-20598)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules
(R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout
a legitimate user by continuously trying login with incorrect password.  

This plugin only works with Tenable.ot. Please
visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://jvn.jp/vu/JVNVU98578731/index.html");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-21-250-01");
  # https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-010_en.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0ae413cb");
  script_set_attribute(attribute:"solution", value:
'The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Mitsubishi Electric has prepared the following countermeasures for CVE-2021-20594 and CVE-2021-20597 and recommends
users apply updates:

- MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU: Firmware versions "27" or later

Mitsubishi Electric will release patches for other products. Users should refer to Mitsubishi Electric advisories
2021-008, 2021-009, and 2021-010 for further details.

Mitsubishi Electric recommends users take the following mitigation measures to minimize the risk of exploiting these
vulnerabilities:

- Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
- Use within a LAN and block access from untrusted networks and hosts through firewalls.
- Use the IP filter function* to restrict the accessible IP addresses.
- Register user information or change the password via USB. If you have already registered user information or changed
the user’s password via the network, change the password once via USB. This mitigation is applicable to CVE-2021-20597

*MELSEC iQ-R Ethernet User’s Manual (Application) 1.13 Security “IP filter”

Additional information about these vulnerabilities or Mitsubishi Electric\'s compensating control is available by
contacting a Mitsubishi Electric representative.');
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-20598");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(287);

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/08/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/08/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r08sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r16sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r32sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r120sfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r08psfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r16psfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r32psfcpu_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mitsubishielectric:r120psfcpu_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Mitsubishi");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Mitsubishi');

var asset = tenable_ot::assets::get(vendor:'Mitsubishi');

var vuln_cpes = {
    "cpe:/o:mitsubishielectric:r08sfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r16sfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r32sfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r120sfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r08psfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r16psfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r32psfcpu_firmware" :
        {"family" : "MELSECiQR"},
    "cpe:/o:mitsubishielectric:r120psfcpu_firmware" :
        {"family" : "MELSECiQR"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);

6.7 Medium

AI Score

Confidence

High

Related for TENABLE_OT_MITSUBISHI_CVE-2021-20598.NASL