Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-33320
Vulnerability from cvelistv5
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | ICONICS GENESIS64; Mitsubishi Electric MC Works64 |
Version: ICONICS GENESIS64 versions 10.97.1 and prior Version: Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T08:09:21.319Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://jvn.jp/vu/JVNVU96480474/index.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "ICONICS GENESIS64; Mitsubishi Electric MC Works64", "vendor": "n/a", "versions": [ { "status": "affected", "version": "ICONICS GENESIS64 versions 10.97.1 and prior" }, { "status": "affected", "version": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior" } ] } ], "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes." } ], "problemTypes": [ { "descriptions": [ { "description": "Deserialization of Untrusted Data", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-20T16:56:24", "orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "shortName": "Mitsubishi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://jvn.jp/vu/JVNVU96480474/index.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "ID": "CVE-2022-33320", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ICONICS GENESIS64; Mitsubishi Electric MC Works64", "version": { "version_data": [ { "version_value": "ICONICS GENESIS64 versions 10.97.1 and prior" }, { "version_value": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Deserialization of Untrusted Data" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf", "refsource": "MISC", "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "name": "https://jvn.jp/vu/JVNVU96480474/index.html", "refsource": "MISC", "url": "https://jvn.jp/vu/JVNVU96480474/index.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad", "assignerShortName": "Mitsubishi", "cveId": "CVE-2022-33320", "datePublished": "2022-07-20T16:56:24", "dateReserved": "2022-06-14T00:00:00", "dateUpdated": "2024-08-03T08:09:21.319Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-33320\",\"sourceIdentifier\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"published\":\"2022-07-20T17:15:08.397\",\"lastModified\":\"2024-11-21T07:08:10.487\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Deserializaci\u00f3n de Datos No Confiables en ICONICS GENESIS64 versiones 10.97.1 y anteriores y Mitsubishi Electric MC Works64 versiones 4.04E (10.95.210.01) y anteriores permite a un atacante no autenticado ejecutar un c\u00f3digo malicioso arbitrario al conllevar a un usuario a cargar un archivo de configuraci\u00f3n de proyecto que incluye c\u00f3digos XML maliciosos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iconics:genesis64:10.97:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D3F652-C916-4395-BD11-AECDDF960D45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D89798E-910C-4C3F-9385-D9B7CA921091\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.95.210.01\",\"matchCriteriaId\":\"F44C63DD-663E-4505-8586-D4BCAB01AF73\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/vu/JVNVU96480474/index.html\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf\",\"source\":\"Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://jvn.jp/vu/JVNVU96480474/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
icsa-22-202-04
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "names": [ "Chris Anastasio", "Noam Moshe" ], "organization": "Claroty Research", "summary": "reporting these vulnerabilities to CISA" }, { "names": [ "Steven Seeley", "Alex Birmberg", "Ben McBride", "Axel \u00270vercl0k\u0027 Souchet" ], "organization": "Trend Micro Zero Day Initiative", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could result in information disclosure, remote code execution, or a denial-of-service condition.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "ICONICS is headquartered in the United States; Mitsubishi Electric is headquartered in Japan", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Do not click web links or open attachments in unsolicited email messages.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-22-202-04 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-202-04.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-22-202-04 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "ICONICS Suite and Mitsubishi Electric MC Works64 Products", "tracking": { "current_release_date": "2022-07-21T06:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-202-04", "initial_release_date": "2022-07-21T06:00:00.000000Z", "revision_history": [ { "date": "2022-07-21T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS GENESIS64: \u003c=10.97.1", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "ICONICS GENESIS64" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS Hyper Historian: \u003c=10.97.1", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "ICONICS Hyper Historian" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS AnalytiX: \u003c=10.97.1", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "ICONICS AnalytiX" }, { "branches": [ { "category": "product_version", "name": "10.97", "product": { "name": "ICONICS ICONICS IoTWorX: 10.97", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "ICONICS IoTWorX" }, { "branches": [ { "category": "product_version", "name": "10.97.1", "product": { "name": "ICONICS ICONICS IoTWorX: 10.97.1", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "ICONICS IoTWorX" }, { "branches": [ { "category": "product_version", "name": "10.97", "product": { "name": "ICONICS ICONICS MobileHMI: 10.97", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "ICONICS MobileHMI" }, { "branches": [ { "category": "product_version", "name": "10.97.1", "product": { "name": "ICONICS ICONICS MobileHMI: 10.97.1", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "ICONICS MobileHMI" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS GraphWorX64: \u003c=10.97.1", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "ICONICS GraphWorX64" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS GenBrokerX64: \u003c=10.97.1", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "ICONICS GenBrokerX64" } ], "category": "vendor", "name": "ICONICS" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=4.04E_v10.95.210.01", "product": { "name": "Mitsubishi Electric MC Works64: \u003c=4.04E_v10.95.210.01", "product_id": "CSAFPID-0010" } } ], "category": "product_name", "name": "MC Works64" } ], "category": "vendor", "name": "Mitsubishi Electric" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-29834", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "summary", "text": "ICONICS MobileHMI and IoTWorX IoT Visualizer products are affected by a path traversal vulnerability. If exploited, then this could allow traversing of the file system and access to files or directories that are outside the restricted directory on the MobileHMI server or the IoTWorX IoT Visualizer server. This traversal could then result in information disclosure.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-29834" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] } ] }, { "cve": "CVE-2022-33315", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "GraphWorX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, has multiple vulnerabilities regarding the deserialization of untrusted data that, if exploited, could result in code execution.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33315" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33316", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "GraphWorX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, has multiple vulnerabilities regarding the deserialization of untrusted data that, if exploited, could result in code execution.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33316" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33317", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "notes": [ { "category": "summary", "text": "GraphWorX64 scripting, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, is based on JScript and .NET. It stores script code in the GraphWorX64 project files. These project files could be directly edited that could result in code execution if exploited.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33317" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33318", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "GenBrokerX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, contains a deserialization vulnerability that could result in remote code execution if exploited.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33318" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33319", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "GenBrokerX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, contains an out-of-bounds read issue which could result in information disclosure or a denial-of-service condition if exploited.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33319" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33320", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "All ICONICS Suite and Mitsubishi Electric MC Works64 products contain a deserialization vulnerability that could enable malicious project configuration files to execute arbitrary code via XML code on the files.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33320" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] } ] }
ICSA-22-202-04
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "names": [ "Chris Anastasio", "Noam Moshe" ], "organization": "Claroty Research", "summary": "reporting these vulnerabilities to CISA" }, { "names": [ "Steven Seeley", "Alex Birmberg", "Ben McBride", "Axel \u00270vercl0k\u0027 Souchet" ], "organization": "Trend Micro Zero Day Initiative", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could result in information disclosure, remote code execution, or a denial-of-service condition.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "ICONICS is headquartered in the United States; Mitsubishi Electric is headquartered in Japan", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Do not click web links or open attachments in unsolicited email messages.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-22-202-04 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-202-04.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-22-202-04 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "ICONICS Suite and Mitsubishi Electric MC Works64 Products", "tracking": { "current_release_date": "2022-07-21T06:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-202-04", "initial_release_date": "2022-07-21T06:00:00.000000Z", "revision_history": [ { "date": "2022-07-21T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS GENESIS64: \u003c=10.97.1", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "ICONICS GENESIS64" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS Hyper Historian: \u003c=10.97.1", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "ICONICS Hyper Historian" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS AnalytiX: \u003c=10.97.1", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "ICONICS AnalytiX" }, { "branches": [ { "category": "product_version", "name": "10.97", "product": { "name": "ICONICS ICONICS IoTWorX: 10.97", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "ICONICS IoTWorX" }, { "branches": [ { "category": "product_version", "name": "10.97.1", "product": { "name": "ICONICS ICONICS IoTWorX: 10.97.1", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "ICONICS IoTWorX" }, { "branches": [ { "category": "product_version", "name": "10.97", "product": { "name": "ICONICS ICONICS MobileHMI: 10.97", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "ICONICS MobileHMI" }, { "branches": [ { "category": "product_version", "name": "10.97.1", "product": { "name": "ICONICS ICONICS MobileHMI: 10.97.1", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "ICONICS MobileHMI" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS GraphWorX64: \u003c=10.97.1", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "ICONICS GraphWorX64" }, { "branches": [ { "category": "product_version_range", "name": "\u003c=10.97.1", "product": { "name": "ICONICS ICONICS GenBrokerX64: \u003c=10.97.1", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "ICONICS GenBrokerX64" } ], "category": "vendor", "name": "ICONICS" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=4.04E_v10.95.210.01", "product": { "name": "Mitsubishi Electric MC Works64: \u003c=4.04E_v10.95.210.01", "product_id": "CSAFPID-0010" } } ], "category": "product_name", "name": "MC Works64" } ], "category": "vendor", "name": "Mitsubishi Electric" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-29834", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "summary", "text": "ICONICS MobileHMI and IoTWorX IoT Visualizer products are affected by a path traversal vulnerability. If exploited, then this could allow traversing of the file system and access to files or directories that are outside the restricted directory on the MobileHMI server or the IoTWorX IoT Visualizer server. This traversal could then result in information disclosure.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-29834" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] } ] }, { "cve": "CVE-2022-33315", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "GraphWorX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, has multiple vulnerabilities regarding the deserialization of untrusted data that, if exploited, could result in code execution.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33315" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33316", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "GraphWorX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, has multiple vulnerabilities regarding the deserialization of untrusted data that, if exploited, could result in code execution.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33316" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33317", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "notes": [ { "category": "summary", "text": "GraphWorX64 scripting, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, is based on JScript and .NET. It stores script code in the GraphWorX64 project files. These project files could be directly edited that could result in code execution if exploited.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33317" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33318", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "GenBrokerX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, contains a deserialization vulnerability that could result in remote code execution if exploited.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33318" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33319", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "GenBrokerX64, contained in all ICONICS Suite products and Mitsubishi Electric MC Works64 products, contains an out-of-bounds read issue which could result in information disclosure or a denial-of-service condition if exploited.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33319" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] }, { "cve": "CVE-2022-33320", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "All ICONICS Suite and Mitsubishi Electric MC Works64 products contain a deserialization vulnerability that could enable malicious project configuration files to execute arbitrary code via XML code on the files.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33320" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite and MC Works64 software with the latest security patches as they become available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "ICONICS GENESIS64, ICONICS Hyper Historian, ICONICS AnalytiX, ICONICS IoTWorX, ICONICS MobileHMI, ICONICS GraphWorX64, and ICONICS GenBrokerX64 security patches may be found here (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ], "url": "https://iconics.force.com/community" }, { "category": "vendor_fix", "details": "Mitsubishi Electric MC Works64 security patches may be found here.", "product_ids": [ "CSAFPID-0010" ], "url": "https://iconics.com/Support/CERT-MC-Works" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollup releases and security patches. Refer to the ICONICS Whitepaper on Security Vulnerabilities, the most recent version of which can be found here, and to the Mitsubishi Electric\u0027s security advisory for information on the availability of the security updates. Note: ICONICS and Mitsubishi Electric products version 10.97.2 and later are not vulnerable to these exploits.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.iconics.com/certs" }, { "category": "mitigation", "details": "Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "category": "mitigation", "details": "ICONICS and Mitsubishi Electric recommend users of these products take the following mitigation steps:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Use a firewall; consider using a Web Application Firewall (WAF). Place control system networks and devices behind firewalls and isolate them from the business network.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Restrict access to all TCP ports such as port 38080 and 6002. If remote access is required, utilize secure remote access methods, such as Virtual Private Networks (VPNs).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize network exposure for all control system devices. Control system devices should not directly face the internet.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Minimize the attack surface by turning off services and point managers which will not be used.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Do not click web links or open unsolicited attachments in email messages.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "mitigation", "details": "Install the applicable critical fixes/rollup releases when available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Mitsubishi Electric also recommends specific action for specific versions of Mitsubishi Electric MC Works64:", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 4.00 through 4.03D, contact Mitsubishi Electric to receive the Version 4.04E installer. Apply the latest security patches once updated.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "For users with Mitsubishi Electric MC Works64 Version 3.04E and prior, contact Mitsubishi Electric for assistance.", "product_ids": [ "CSAFPID-0010" ] }, { "category": "vendor_fix", "details": "Additional information and useful links are found on the ICONICS GENESIS64 security updates page.", "product_ids": [ "CSAFPID-0001" ], "url": "https://iconics.com/certs" }, { "category": "mitigation", "details": "Additional information and useful links are found on Mitsubishi Electric\u0027s security advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010" ] } ] } ] }
var-202207-1523
Vulnerability from variot
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes. ICONICS, Inc. of GENESIS 64 Products from multiple other vendors contain untrusted data deserialization vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PKGX files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-1523", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "genesis64", "scope": null, "trust": 1.4, "vendor": "iconics", "version": null }, { "model": "genesis64", "scope": "eq", "trust": 1.0, "vendor": "iconics", "version": "10.97.1" }, { "model": "mc works64", "scope": "lte", "trust": 1.0, "vendor": "mitsubishielectric", "version": "10.95.210.01" }, { "model": "genesis64", "scope": "eq", "trust": 1.0, "vendor": "iconics", "version": "10.97" }, { "model": "mc works64", "scope": null, "trust": 0.8, "vendor": "\u4e09\u83f1\u96fb\u6a5f", "version": null }, { "model": "genesis 64", "scope": null, "trust": 0.8, "vendor": "iconics", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "NVD", "id": "CVE-2022-33320" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:iconics:genesis64:10.97:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.95.210.01", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-33320" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Noam Moshe of Claroty Research", "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" } ], "trust": 1.4 }, "cve": "CVE-2022-33320", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-33320", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.4, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-33320", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-33320", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-33320", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2022-33320", "trust": 1.4, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202207-2068", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "NVD", "id": "CVE-2022-33320" }, { "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes. ICONICS, Inc. of GENESIS 64 Products from multiple other vendors contain untrusted data deserialization vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PKGX files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process", "sources": [ { "db": "NVD", "id": "CVE-2022-33320" }, { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "VULMON", "id": "CVE-2022-33320" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-33320", "trust": 4.7 }, { "db": "JVN", "id": "JVNVU96480474", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-22-202-04", "trust": 1.5 }, { "db": "JVNDB", "id": "JVNDB-2022-013544", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-17361", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-22-1163", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-17369", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-23-343", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022072542", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202207-2068", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-33320", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "VULMON", "id": "CVE-2022-33320" }, { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "NVD", "id": "CVE-2022-33320" }, { "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "id": "VAR-202207-1523", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.42615384 }, "last_update_date": "2023-09-10T22:31:28.066000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "ICONICS has issued an update to correct this vulnerability.", "trust": 0.7, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-04" }, { "title": "ICONICS has issued an update to correct this vulnerability.", "trust": 0.7, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04" }, { "title": "Mitsubishi Electric MC Works64 Fixes for code issue vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=201698" } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-502", "trust": 1.0 }, { "problemtype": "Deserialization of untrusted data (CWE-502) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "NVD", "id": "CVE-2022-33320" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://jvn.jp/vu/jvnvu96480474/index.html" }, { "trust": 2.5, "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "trust": 1.5, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-202-04" }, { "trust": 0.8, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-04" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu96480474/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-33320" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-33320/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072542" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-202-04" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "VULMON", "id": "CVE-2022-33320" }, { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "NVD", "id": "CVE-2022-33320" }, { "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" }, { "db": "VULMON", "id": "CVE-2022-33320" }, { "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "db": "NVD", "id": "CVE-2022-33320" }, { "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-23T00:00:00", "db": "ZDI", "id": "ZDI-22-1163" }, { "date": "2023-03-31T00:00:00", "db": "ZDI", "id": "ZDI-23-343" }, { "date": "2022-07-20T00:00:00", "db": "VULMON", "id": "CVE-2022-33320" }, { "date": "2023-09-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "date": "2022-07-20T17:15:00", "db": "NVD", "id": "CVE-2022-33320" }, { "date": "2022-07-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-23T00:00:00", "db": "ZDI", "id": "ZDI-22-1163" }, { "date": "2023-03-31T00:00:00", "db": "ZDI", "id": "ZDI-23-343" }, { "date": "2022-07-20T00:00:00", "db": "VULMON", "id": "CVE-2022-33320" }, { "date": "2023-09-08T08:28:00", "db": "JVNDB", "id": "JVNDB-2022-013544" }, { "date": "2022-07-27T18:55:00", "db": "NVD", "id": "CVE-2022-33320" }, { "date": "2022-07-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2068" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2068" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ICONICS GENESIS64 PKGX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-22-1163" }, { "db": "ZDI", "id": "ZDI-23-343" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2068" } ], "trust": 0.6 } }
ghsa-429h-8m2j-j6cx
Vulnerability from github
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.
{ "affected": [], "aliases": [ "CVE-2022-33320" ], "database_specific": { "cwe_ids": [ "CWE-502" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2022-07-20T17:15:00Z", "severity": "HIGH" }, "details": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.", "id": "GHSA-429h-8m2j-j6cx", "modified": "2022-07-28T00:00:41Z", "published": "2022-07-21T00:00:28Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33320" }, { "type": "WEB", "url": "https://jvn.jp/vu/JVNVU96480474/index.html" }, { "type": "WEB", "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
gsd-2022-33320
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2022-33320", "description": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.", "id": "GSD-2022-33320" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-33320" ], "details": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes.", "id": "GSD-2022-33320", "modified": "2023-12-13T01:19:22.835366Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "ID": "CVE-2022-33320", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ICONICS GENESIS64; Mitsubishi Electric MC Works64", "version": { "version_data": [ { "version_value": "ICONICS GENESIS64 versions 10.97.1 and prior" }, { "version_value": "Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Deserialization of Untrusted Data" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf", "refsource": "MISC", "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" }, { "name": "https://jvn.jp/vu/JVNVU96480474/index.html", "refsource": "MISC", "url": "https://jvn.jp/vu/JVNVU96480474/index.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:iconics:genesis64:10.97.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:iconics:genesis64:10.97:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:mitsubishielectric:mc_works64:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.95.210.01", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "ID": "CVE-2022-33320" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a project configuration file including malicious XML codes." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-502" } ] } ] }, "references": { "reference_data": [ { "name": "https://jvn.jp/vu/JVNVU96480474/index.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://jvn.jp/vu/JVNVU96480474/index.html" }, { "name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } }, "lastModifiedDate": "2022-07-27T18:55Z", "publishedDate": "2022-07-20T17:15Z" } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.