Mitsubishi Fixes Controller DoS

Wednesday, September 30, 2015 @ 10:09 AM gHale

Mitsubishi Electric created a new version that fixes a denial of service (DoS) vulnerability in the MELSEC FX-series controllers, according to a report on ICS-CERT.

This vulnerability, discovered by Ralf Spenneberg of OpenSource Security, could end up exploited remotely.

Remedy to Fix Unsupported PKS Hole
EasyIO Mitigates Hole in Controller
DTM XML Injection Vulnerability Fixed
Privilege Escalation Holes Fixed

MELSEC FX3G Series PLCs suffer from the vulnerability. A machine requires rebooting after exploitation of the vulnerability.

Vernon Hills, IL-based Mitsubishi Electric’s affected products, MELSEC FX-series, are programmable logic controllers.

MELSEC FX-series controllers see action across several sectors including commercial facilities, critical manufacturing, energy, and water and wastewater systems. Mitsubishi Electric estimates these products see use primarily in Asia with a small percentage in the United States and Europe.

The built-in HTTP application is unable to handle parameters longer than expected. A long parameter can cause a denial of service condition that requires a reboot to recover.

CVE-2015-3938 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 7.1.

No known public exploits specifically target this vulnerability. However, an attacker with a medium skill would be able to exploit this vulnerability.

Mitsubishi Electric enhanced the MELSEC FX PLCs to prevent the DoS from occurring in new products starting in April 2015. They cannot guarantee the quality of new firmware in old hardware, so they do not plan to issue a firmware upgrade to existing customers.