
An Example Analysis of the Critical Vulnerability in Mitsubishi Electric MELSEC Programmable Controllers

2025-01-19 Update From: SLTechnology News&Howtos


Shulou (Shulou.com) 05/31 Report

This article walks through the critical vulnerability in Mitsubishi Electric MELSEC programmable controllers: what it is, which products are affected, and the mitigations that have been recommended.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security advisory on June 23 disclosing a security vulnerability in Mitsubishi Electric MELSEC. MELSEC is a line of programmable controllers produced by Mitsubishi Electric of Japan. It includes the iQ-R, iQ-F, Q and other series, and is mainly used in critical manufacturing industries all over the world.

The vulnerability in Mitsubishi Electric MELSEC is an information disclosure vulnerability. It is tracked as CVE-2020-14476 and has a score of 10.0.

According to the advisory issued by CISA, the vulnerability exists because sensitive information is transmitted in clear text between Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L and FX series CPU modules and GX Works3/GX Works2. Successful exploitation could allow an attacker to disclose information, tamper with information, perform unauthorized operations, or cause a denial of service.

The vulnerability was reportedly discovered and reported to Mitsubishi Electric by the NESC research team of Zhejiang University. It can be exploited remotely, and exploitation does not require advanced skill.

Mitsubishi Electric recommends that users mitigate the impact of this vulnerability by setting up a VPN to encrypt the communication path. CISA also recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. The details are as follows:

Minimize network exposure for all control system devices and systems, and ensure that they are not accessible from the Internet.

Locate control system networks and remote devices behind firewalls, and isolate them from the business network.

When remote access is required, use secure methods such as a VPN, while recognizing that VPNs may also have vulnerabilities and should be kept updated to the most current version available, and that a VPN is only as secure as the devices connected to it.
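As an added illustration (not from CISA, Mitsubishi Electric or the original article), the sketch below audits flow records against the recommendations above. Because the engineering traffic is clear text, any flow that reaches a PLC from the business network or from an external address is reported. The subnets, PLC addresses and flow records are constructed assumptions to be replaced with your own addressing plan.

```python
import ipaddress

# Assumed addressing plan (constructed for this example).
CONTROL_NET = ipaddress.ip_network("10.10.0.0/24")    # PLCs and engineering stations
VPN_POOL = ipaddress.ip_network("10.10.250.0/28")     # addresses assigned to remote VPN users
BUSINESS_NET = ipaddress.ip_network("10.20.0.0/16")   # office / IT network
PLC_HOSTS = {ipaddress.ip_address("10.10.0.21"), ipaddress.ip_address("10.10.0.22")}
ALLOWED_ZONES = {"control", "vpn"}

# Constructed flow records: (source IP, destination IP).
SAMPLE_FLOWS = [
    ("10.10.0.5", "10.10.0.21"),     # engineering station inside the control network
    ("10.10.250.3", "10.10.0.22"),   # remote engineer arriving through the VPN
    ("10.20.4.17", "10.10.0.21"),    # office PC talking directly to a PLC
    ("203.0.113.40", "10.10.0.22"),  # external address reaching a PLC
    ("10.20.4.17", "10.20.1.1"),     # office traffic that never touches a PLC
]

def classify_source(src):
    """Map a source address to the zone it belongs to."""
    ip = ipaddress.ip_address(src)
    if ip in CONTROL_NET:
        return "control"
    if ip in VPN_POOL:
        return "vpn"
    if ip in BUSINESS_NET:
        return "business"
    return "external"  # anything not in a known internal zone

def audit_flows(flows):
    """Return (src, dst, zone) for each flow that reaches a PLC from a disallowed zone."""
    findings = []
    for src, dst in flows:
        if ipaddress.ip_address(dst) not in PLC_HOSTS:
            continue  # only traffic towards controllers is in scope
        zone = classify_source(src)
        if zone not in ALLOWED_ZONES:
            findings.append((src, dst, zone))
    return findings

if __name__ == "__main__":
    for src, dst, zone in audit_flows(SAMPLE_FLOWS):
        print(f"VIOLATION: {src} ({zone}) -> PLC {dst}")
```
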
