{"id":1699,"date":"2025-03-24T21:39:38","date_gmt":"2025-03-24T18:39:38","guid":{"rendered":"https:\/\/cbernet.com\/details-of-vulnerabilities-targeting-scada-systems-revealed\/"},"modified":"2025-04-10T19:13:59","modified_gmt":"2025-04-10T16:13:59","slug":"details-of-vulnerabilities-targeting-scada-systems-revealed","status":"publish","type":"post","link":"https:\/\/cbernet.com\/en\/details-of-vulnerabilities-targeting-scada-systems-revealed\/","title":{"rendered":"Details of Vulnerabilities Targeting SCADA Systems Revealed"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1699\" class=\"elementor elementor-1699 elementor-315\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5beaa09 e-flex e-con-boxed e-con e-parent\" data-id=\"5beaa09\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e10c46e elementor-widget elementor-widget-html\" data-id=\"e10c46e\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n        <div class=\" meta-post et-shortcode\">\n\n                            <time class=\"entry-date published updated\" datetime=\"March 24, 2025\">\n                    24 March 2025                <\/time>\n                           \n        <\/div>\n        \t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-6303a0f e-flex e-con-boxed e-con e-parent\" data-id=\"6303a0f\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e3c74ee elementor-widget elementor-widget-text-editor\" data-id=\"e3c74ee\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Palo Alto Networks shared details about the high severity vulnerabilities identified in Mitsubishi Electric and Iconics SCADA products.<\/p><p>These vulnerabilities affect SCADA products from Iconics and Mitsubishi Electric. The products involved include <strong>Genesis64<\/strong> and <strong>MC Works64<\/strong>. Since Iconics is part of Mitsubishi Electric, the same vulnerabilities affect products from both brands.  <\/p><p>SCADA vulnerabilities identified include <strong>DLL hijacking (CVE-2024-1182),<\/strong><strong>incorrect<\/strong> <strong>default permissions (<\/strong> <strong>CVE-2024-7587),<\/strong><strong>uncontrolled<\/strong> <strong>search path element (<\/strong> <strong>CVE-2024-8299 and CVE-2024-9852)<\/strong> and <strong>dead code (CVE-2024-8300)<\/strong>.<\/p><p>These vulnerabilities require authentication to exploit. However, after gaining access to the target organization&#8217;s systems, attackers can use these vulnerabilities to perform operations such as <strong>privilege escalation, manipulating critical files and executing arbitrary code<\/strong>. <\/p><p>In a real attack on industrial systems, SCADA vulnerabilities <strong>can lead to service disruptions and, in some cases, even complete system takeover<\/strong>.<\/p><p>These vulnerabilities pose <strong>serious risks to confidentiality, integrity and availability<\/strong>, Palo Alto said.<\/p><p>According to the company, these vulnerabilities can be extremely valuable to attackers. This is because Iconics and Mitsubishi Electric SCADA solutions are used in <strong>hundreds of thousands of systems<\/strong> around the world in critical sectors such as <strong>government, military, water management, manufacturing and energy<\/strong>. <\/p><p>The vulnerabilities were identified in Iconics Suite and Mitsubishi Electric MC Works Windows versions <strong>10.97.2 and 10.97.3<\/strong> in early 2024. <strong>Updates and mitigations were released last year.<\/strong><\/p><p>The existence of these vulnerabilities was revealed <strong>by CISA and affected manufacturers in security announcements published in 2024<\/strong>, announcing the necessary patches and mitigation measures.<\/p><p>Link to this news story: <a href=\"https:\/\/www.securityweek.com\/details-disclosed-for-scada-flaws-that-could-facilitate-industrial-attacks\/\">https:\/\/www.securityweek.com\/details-disclosed-for-scada-flaws-that-could-facilitate-industrial-attacks\/<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Palo Alto Networks shared details about the high severity vulnerabilities identified in Mitsubishi Electric and Iconics SCADA products. These vulnerabilities affect SCADA products from Iconics<\/p>\n","protected":false},"author":1,"featured_media":1568,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-1699","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts\/1699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/comments?post=1699"}],"version-history":[{"count":1,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts\/1699\/revisions"}],"predecessor-version":[{"id":1700,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts\/1699\/revisions\/1700"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/media\/1568"}],"wp:attachment":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/media?parent=1699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/categories?post=1699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/tags?post=1699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}