Connect with us

Hi, what are you looking for?



Several Vulnerabilities Patched in ‘MDT AutoSave’ Industrial Automation Product

Industrial automation solutions provider MDT Software has patched several critical and high-severity vulnerabilities in its flagship product, MDT AutoSave.

Industrial automation solutions provider MDT Software has patched several critical and high-severity vulnerabilities in its flagship product, MDT AutoSave.

MDT AutoSave is an automation change management solution that provides backup, version control, historical tracking, user permission, audit trail, change detection, and disaster recovery capabilities for a wider range of industrial control systems (ICS), including PLC, CNC, SCADA, HMI, robots, drives, and welders.

The product is used by some of the world’s biggest manufacturers, including major car makers (Tesla, Kia, BMW, Hyundai, Honda), Coca Cola, P&G, Johnson & Johnson, AstraZeneca, and Nestlé Purina.

Researchers at industrial cybersecurity firm Claroty discovered that MDT AutoSave is affected by seven types of vulnerabilities, including two rated critical and five rated high severity.

Sharon Brizinov, who leads the Vulnerability Research Team at Claroty, told SecurityWeek that an attacker needs network access to the MDT AutoSave server in order to exploit the vulnerabilities.

According to an advisory published last week by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), one of the critical vulnerabilities, CVE-2021-32953, can be exploited to create a new user in the system by using SQL commands, and update that user’s permissions, which allows the attacker to log into the system.

Learn More About Vulnerabilities in Industrial Products at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits Virtual Event Series

Advertisement. Scroll to continue reading.

The second critical flaw, CVE-2021-32933, has been described as a command injection issue and it can be exploited to run a malicious process.

“[CVE-2021-32933] could have enabled an attacker to leverage an API to pass along a malicious file, which could then manipulate the process creation command line and run a command line argument. This could then be leveraged to run a malicious process without any authentication required,” Brizinov explained.

According to CISA, the high-severity vulnerabilities can allow an attacker to break encryption and gain access to the system, replace legitimate files with malicious files, execute malicious files, and obtain sensitive information.

The flaws affect MDT AutoSave versions 6.x and 7.x, and AutoSave for System Platform (A4SP) versions 4 (and earlier) and 5.0. The vendor released patches for each of the impacted products at different times between December 2020 and June 2021.

Related: ICS Patch Tuesday: Siemens and Schneider Electric Address 100 Vulnerabilities

Related: ICS Vendors Assessing Impact of New OPC UA Vulnerabilities

Related: Vulnerabilities in B&R Automation Software Facilitate Attacks on ICS Networks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.