Three vulnerability identified in Mitsubishi Electric safety PLC and GX Works3 CVE-2022-29831,CVE-2022-29832, CVE-2022-29833 during the research project by nozomi networks. Nozomi Networks know for delivers accurate, actionable intelligence and protection for integrated OT and IoT security at scale.
Attacker only need one safety PLC project file to carry out the successful attack and attacker can get this files by many ways including misconfigured server or shared computer or by eavesdropping an unprotected communication.
CVE-2022-29831: Use of Hard-coded Password (CWE-259), CVSS v3.1 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVE-2022-29832: Cleartext Storage of Sensitive Information in Memory (CWE-316), CVSS v3.1 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVE-2022-29833: Insufficiently Protected Credentials (CWE-522), CVSS v3.1 6.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)
"However, if an asset owner has opted to re-use the same credentials for accessing the safety CPU module to also protect the related project file, a much dangerous scenario would occur. As a matter of fact, in this situation, an attacker may chain all three issues and obtain a remarkably powerful attack primitive that would allow them to directly access the safety CPU module. This would give them the potential opportunity to compromise it and, therefore, disrupt the managed industrial process." said in his blog
No comments:
Post a Comment