Your review has been sent successfully

Mitsubishi Electric Updates

235
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

2 August, 2020

● High

2020-1585

Manufacturing

Description:

Mitsubishi Electric has released security updates to address a vulnerability in the following products:

  • C Controller Interface Module Utility, all versions
  • C Controller Module Setting and Monitoring Tool, all versions
  • CC-Link IE Control Network Data Collector, all versions
  • CC-Link IE Field Network Data Collector, all versions
  • CPU Module Logging Configuration Tool, Versions 1.100E and prior
  • CW Configurator, Versions 1.010L and prior
  • Data Transfer, all versions
  • EZSocket, all versions
  • FR Configurator SW3, all versions
  • FR Configurator2, all versions
  • GT Designer2 Classic, all versions
  • GT Designer3 Version1 (GOT1000), all versions
  • GT SoftGOT1000 Version3, all versions
  • GT SoftGOT2000 Version1, all versions
  • GX Developer, Versions 8.504A and prior
  • GX LogViewer, versions 1.100E and prior
  • GX Works2, all versions
  • GX Works3, Versions 1.063R and prior
  • M_CommDTM-HART, version 1.00A
  • M_CommDTM-IO-Link, all versions
  • MELFA-Works, all versions
  • MELSEC iQ-R Series Motion Module, all versions
  • MELSEC WinCPU Setting Utility, all versions
  • MELSOFT Complete Clean Up Tool, all versions
  • MELSOFT EM Software Development Kit (EM Configurator), versions 1.010L and prior
  • MELSOFT EM Software Development Kit, all versions
  • MELSOFT FieldDeviceConfigurator, versions 1.03D and prior
  • MELSOFT iQ AppPortal, all versions
  • MELSOFT Navigator, all versions
  • MH11 SettingTool Version2, versions 2.002C and prior
  • MI Configurator, all versions
  • Motion Control Setting, Versions 1.005F and prior
  • Motorizer, versions 1.005F and prior
  • MR Configurator2, all versions
  • MT Works2, all versions
  • MTConnect Data Collector, all versions
  • MX Component, all versions
  • MX MESInterface, all versions
  • MX MESInterface-R, all versions
  • MX Sheet, all versions
  • Network Interface Board CC IE Control Utility, all versions
  • Network Interface Board CC IE Field Utility, all versions
  • Network Interface Board CC-Link Ver.2 Utility, all versions
  • Network Interface Board MNETH Utility, all versions
  • Position Board utility 2, all versions
  • PX Developer, all versions
  • RT ToolBox2, all versions
  • RT ToolBox3, all versions
  • Setting/monitoring tools for the C Controller module, all versions
  • SLMP Data Collector, all versions

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Denial of service attack (DoS)
  • Unauthorized disclosure of information
  • Unauthorized modification
  • Escalation of privilege
  • Execute arbitrary code

Best practice and Recommendations:

The CERT team encourages users to review Mitsubishi Electric security advisory and apply the necessary updates:

Last updated at 2 August, 2020

Rate the content

rate-icon
up icon