Mitsubishi, Clorius Holes Released

Wednesday, April 3, 2013 @ 12:04 PM gHale

Two reports regarding vulnerabilities for Clorius Controls and for Mitsubishi released this week to the public without mitigations from the suppliers, which means users need to remain extra vigilant, according to reports with ICS-CERT.

The first release was for a remotely exploitable vulnerability affecting the Clorius Controls ICS SCADA product that allows for an information disclosure that can lead to a loss of confidentiality.

Patches for Wind River Holes
Mitigation for Siemens Comm Modules
Invensys Patches Wonderware Bug
Mitigation Ready for SEL Bug

The vulnerability found the device hosts a web service that reveals fingerprint information. This report released without coordination with either the vendor or ICS-CERT.

ICS-CERT attempted to notify the affected vendor of the report to confirm the vulnerability and identify mitigations. ICS-CERT issued an alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cyber security attacks.

Meanwhile, another report released without coordination for a remotely exploitable heap-based buffer overflow vulnerability with proof-of-concept (PoC) exploit code affecting Mitsubishi MX, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product. The vulnerability could lead to remote code execution.

According to this report, the vulnerability is exploitable when an attacker provides specially crafted input. ICS-CERT notified the vendor and has asked the vendor to confirm the vulnerability and identify mitigations.

According to the Mitsubishi Automation Web site, MX links Mitsubishi PLCs with PCs running Microsoft Windows via serial, Ethernet, or other connections.

Click here for more details on this report.

Leave a Reply

You must be logged in to post a comment.