Mitsubishi Electric Updates
1835Warning Date
Severity Level
Warning Number
Target Sector
24 October, 2021
● High
2021-3735
All - Manufacturing
Description:
Mitsubishi Electric has released security updates to address multiple vulnerabilities in the following products:
- GENESIS64: Versions 10.97 and prior
- Hyper Historian: Versions 10.97 and prior
- AnalytiX: Versions 10.97 and prior
- MobileHMI: Versions 10.97 and prior
- MC Works64: Versions 4.04E and prior
- GENESIS64 (all versions up to and including 10.97)
- MC Works64 (all version of MC Works64, up to and including Version 4.04E)
Threats:
Attackers could exploit these vulnerabilities by doing the following:
- Buffer overflow
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to review Mitsubishi Electric security advisory:
Mitsubishi Electric recommends following the below recommendations:
- Minimizing network exposure for all control system devices and/or systems
- Locating control system networks and devices behind firewalls and isolating them from the enterprise/business network
- Do not click web links or open unsolicited attachments in e-mail messages.