ICS-CERT has issued a warning this week after vulnerability details concerning Mitsubishi’s MX Component started to gain attention online.
The MX Component is an Active X control library that supports all communication paths from the PC to the PLC. Last month, a researcher released Proof-of-Concept code that would enable an attacker to open a shell on port 5500.
The targeted DLL file (ActUWzd.dll) was shipped with CitectScada (now known as Schneider Electric) products, but it is unknown if it is still used. However, older installations will be vulnerable.
“ICS-CERT is aware of a public report of a heap-based buffer overflow vulnerability with proof-of-concept (PoC) exploit code affecting Mitsubishi MX, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product,” the CERT advisory (PDF) explains.
“According to this report, the vulnerability is exploitable when an attacker provides specially crafted input. This report was released without coordination with either the vendor or ICS-CERT. ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations.”
Currently, there is no fix available and Mitsubishi hasn’t issued any statements regarding the CERT advisory. The code itself, and additional details on the vulnerability can be seen here.
The OSVDB summary is here.
It is unknown if the vulnerability details have been used in an attack. ICS-CERT advises that organizations minimize network exposure for all control systems, and ensure that remote access to devices that must be connected to a network be properly secured.
Related Reading: Critical Infrastructure is the New Battleground for Cyber Security
Related Reading: SCADA Honeypots Shed Light on Attacks Against Critical Infrastructure
Related Reading: Putting SCADA Protection on the Radar
Related Reading: ICS-CERT Examines 3 Years of Data to Reveal Common Vulnerabilities for Critical Asset Owners
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- OWASP’s 2023 API Security Top 10 Refines View of API Risks
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- Blumira Raises $15 Million for SMB-Tailored XDR Platform
- Microsoft Will Pay $20M to Settle US Charges of Illegally Collecting Children’s Data
- KeePass Update Patches Vulnerability Exposing Master Password
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Keep Aware Raises $2.4M to Eliminate Browser Blind Spots
