Palo Alto Networks shared details about the high severity vulnerabilities identified in Mitsubishi Electric and Iconics SCADA products.
These vulnerabilities affect SCADA products from Iconics and Mitsubishi Electric. The products involved include Genesis64 and MC Works64. Since Iconics is part of Mitsubishi Electric, the same vulnerabilities affect products from both brands.
SCADA vulnerabilities identified include DLL hijacking (CVE-2024-1182),incorrect default permissions ( CVE-2024-7587),uncontrolled search path element ( CVE-2024-8299 and CVE-2024-9852) and dead code (CVE-2024-8300).
These vulnerabilities require authentication to exploit. However, after gaining access to the target organization’s systems, attackers can use these vulnerabilities to perform operations such as privilege escalation, manipulating critical files and executing arbitrary code.
In a real attack on industrial systems, SCADA vulnerabilities can lead to service disruptions and, in some cases, even complete system takeover.
These vulnerabilities pose serious risks to confidentiality, integrity and availability, Palo Alto said.
According to the company, these vulnerabilities can be extremely valuable to attackers. This is because Iconics and Mitsubishi Electric SCADA solutions are used in hundreds of thousands of systems around the world in critical sectors such as government, military, water management, manufacturing and energy.
The vulnerabilities were identified in Iconics Suite and Mitsubishi Electric MC Works Windows versions 10.97.2 and 10.97.3 in early 2024. Updates and mitigations were released last year.
The existence of these vulnerabilities was revealed by CISA and affected manufacturers in security announcements published in 2024, announcing the necessary patches and mitigation measures.
Link to this news story: https://www.securityweek.com/details-disclosed-for-scada-flaws-that-could-facilitate-industrial-attacks/
