
76 matches found

CVE
added 2023/09/20 2:26 a.m. | 68 views

CVE-2023-4088

CVE-2023-4088 describes an "Incorrect Default Permissions" flaw in Mitsubishi Electric FA Engineering Software products. The CISA advisory (ICS-CISA ICSA-23-269-03) lists multiple affected products (e.g., AL-PCS/WIN-E, GX Works2/3, GT Designer3, MELSOFT tools, Data Transfer, etc.) across all vers...

CVSS 9.3 | AI score 8.4 | EPSS 0.00026
Exploits: 0 | References: 3 | Affected Software: 1

CNNVD
added 2023/09/20 12:0 a.m. | 2 views

Mitsubishi Electric FA Engineering Software Security Vulnerability

Mitsubishi Electric FA Engineering Software is a series of engineering software from Mitsubishi Electric Japan. A security vulnerability exists in Mitsubishi Electric FA Engineering Software. An attacker could exploit the vulnerability to execute malicious code, which could lead to information...

CVSS 9.3 | AI score 6.7 | EPSS 0.00026
Exploits: 0 | References: 5

Positive Technologies
added 2023/09/19 12:0 a.m. | 5 views

PT-2023-5462 · Mitsubishi · Gx Works3 +1

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation multiple FA engineering software products (affected versions not specified); GX Works3 (affected versions not specified). Description: The issue is related to incorrect default permissions, allowing a malicious local...

CVSS 9.3 | AI score 8 | EPSS 0.00026
Exploits: 0 | References: 10

The Hacker News
added 2022/12/02 1:32 p.m. | 44 views

CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. "Successful exploitation of these vulnerabilities could allow unauthorized users ...

CVSS 9.8 | AI score 1.1 | EPSS 0.01198
Exploits: 0

CISA
added 2022/11/29 12:0 a.m. | 24 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

AI score 0.2
Exploits: 0 | References: 7

CISA
added 2022/09/22 12:0 a.m. | 15 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three Industrial Control Systems (ICS) advisories on September 22, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...

AI score 1.5
Exploits: 0 | References: 3

The Hacker News
added 2022/08/16 10:57 a.m. | 62 views

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks

Cybersecurity researchers have elaborated a novel attack technique that weaponizes programmable logic controllers (PLCs) to gain an initial foothold in engineering workstations and subsequently invade the operational technology (OT) networks. Dubbed "Evil PLC" attack by industrial security firm...

AI score 0.5
Exploits: 0

NVD
added 2022/07/26 11:15 p.m. | 12 views

CVE-2022-30270

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...

CVSS 9.8 | EPSS 0.00301
Exploits: 0 | References: 2

Prion
added 2022/07/26 11:15 p.m. | 22 views

Default credentials

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...

CVSS 7.5 | AI score 9.4 | EPSS 0.00301
Exploits: 0 | References: 2

Cvelist
added 2022/07/26 10:11 p.m. | 17 views

CVE-2022-30270

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...

AI score 9.7 | EPSS 0.00301
Exploits: 0 | References: 2

CVE
added 2022/07/26 10:11 p.m. | 85 views

CVE-2022-30270

The ACE1000 RTU (Motorola Solutions) is affected by CVE-2022-30270 due to hard-coded default SSH credentials for five accounts (root, abuilder, acelogin, cappl, ace) used to control SSH on port 22. This enables remote maintenance access and SFTP operations, with documented accounts some not being...

CVSS 9.8 | AI score 9.3 | EPSS 0.00301
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2022/05/19 5:24 p.m. | 81 views

CVE-2020-14496

CVE-2020-14496 is a permissions-based vulnerability in Mitsubishi Electric Factory Automation Engineering Software products. In affected products (e.g., CPU Module Logging Configuration Tool, CW/FR Configurators, EZSocket, GT Designer3, GX Works2/3, MELSOFT tools, Data Transfer, etc.), incorrect ...

CVSS 9.8 | AI score 8.9 | EPSS 0.00129
Exploits: 0 | References: 1 | Affected Software: 29

Prion
added 2022/04/13 4:15 p.m. | 15 views

Path traversal

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause malicious script to be deployed in an unauthorized location and may result in code execution on the engineering workstation when a malicious project file is loaded in the...

CVSS 9.3 | AI score 7.7 | EPSS 0.00972
Exploits: 0 | References: 1 | Affected Software: 2

CNVD
added 2022/04/13 12:0 a.m. | 13 views

Siemens TIA Portal Access Control Error Vulnerability

SIMATIC STEP 7 TIA Portal is the engineering software for configuring and programming SIMATIC controllers. An access control error vulnerability exists in Siemens TIA Portal, which can be exploited by an attacker to achieve elevation of privilege...

CVSS 7.8 | AI score 6.8 | EPSS 0.00038
Exploits: 0 | References: 1

CVE
added 2022/03/28 4:25 p.m. | 76 views

CVE-2021-22797

CVE-2021-22797 is a CWE-22 path traversal vulnerability in Schneider Electric EcoStruxure Control Expert (incl. Unity Pro), EcoStruxure Process Expert, and SCADAPack RemoteConnect for x70. The root cause is improper validation of a user-supplied path when loading a malicious project file, which c...

CVSS 9.3 | AI score 7.7 | EPSS 0.00972
Exploits: 0 | References: 1 | Affected Software: 2

OSV
added 2022/03/09 11:15 p.m. | 5 views

CVE-2022-24322

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...

CVSS 5.9 | AI score 6.2 | EPSS 0.00221
Exploits: 0 | References: 1

ATTACKERKB
added 2022/03/09 11:15 p.m. | 3 views

CVE-2022-24322

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...

CVSS 5.9 | AI score 6.3 | EPSS 0.00221
Exploits: 0 | References: 2

NVD
added 2022/03/09 11:15 p.m. | 11 views

CVE-2022-24323

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product:...

CVSS 5.9 | EPSS 0.0033
Exploits: 0 | References: 1

Cvelist
added 2022/03/09 11:5 p.m. | 14 views

CVE-2022-24323

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an attacker is able to intercept and manipulate specific Modbus response data. Affected Product:...

CVSS 5.3 | AI score 5.9 | EPSS 0.0033
Exploits: 0 | References: 1

Cvelist
added 2022/03/09 11:5 p.m. | 16 views

CVE-2022-24322

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...

CVSS 5.3 | AI score 5.9 | EPSS 0.00221
Exploits: 0 | References: 1