Engineering software flaws expose Mitsubishi Electric PLCs to attacks


Researchers at the industrial cybersecurity firm Nozomi Networks have discovered three vulnerabilities in the engineering workstation software of Mitsubishi Electric’s GX Works3 that could be exploited to compromise safety systems.

Mitsubishi Electric provides GX Works3 as the configuration and programming software for its MELSEC iQ-F and iQ-R programmable logic controllers (PLCs). vulnerability in the Mitsubishi Electric PLC Three security flaws that have been tracked as CVE-2022-29831, CVE-2022-29832, and CVE-2022-29833 by Nozomi researchers could allow an attacker to access GX Works3 project files and compromise connected safety CPU modules.

Also Read: Strategies to Identify Database Security Threats and Vulnerabilities at Early Stage

These modules’ project files are encrypted, and accessing them requires a user-configured username and password.

Read More:Engineering software flaws expose Mitsubishi Electric PLCs to attacks

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.