A cybersecurity firm researchers have found high-severity vulnerabilities in the automation products of the Mitsubishi Electric factory. These could be exploited by hackers to attack organizations remotely by arbitrary code execution, privilege escalation, and DoS attacks. As per Mashav Sapir, a Claroty researcher – “An attacker who succeeded in exploiting these vulnerabilities would gain full access and control over the computer running the Mitsubishi engineering software.”
According to the advisories recently published by the US Cybersecurity and Infrastructure Security Agency (CISA) – several factory automation products from the Mitsubishi Electric are impacted by three major flaws. As a result, Mitsubishi has released patches for the affected products. Besides, it provided mitigations for the users who cannot install the patches immediately.