Mitsubishi Electric Factory Automation Products


1. EXECUTIVE SUMMARY

  • CVSS v3 7.5
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Mitsubishi Electric
  • Equipment: Multiple Factory Automation Products
  • Vulnerabilities: Observable Timing Discrepancy, Double Free, Access of Resource Using Incompatible Type (‘Type Confusion’)

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could disclose information in the product or could cause a denial-of-service (DoS) condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following Factory Automation products are affected:

  • GT SoftGOT2000: Versions 1.275M to 1.290C (CVE-2023-0286)
  • OPC UA Data Collector: Versions 1.04E and prior (CVE-2023-0286)
  • MX OPC Server UA (Software packaged with MC Works64): Versions 3.05F and later (Packaged with MC Works64 Version 4.03D and later) (CVE-2022-4304)
  • OPC UA Server Unit: All versions (CVE-2022-4304)
  • FX5-OPC: Versions 1.006 and prior (CVE-2022-4304, CVE-2022-4450)

3.2 Vulnerability Overview

3.2.1 OBSERVABLE TIMING DISCREPANCY CWE-208

The affected products contain an observable timing discrepancy vulnerability in their RSA decryption implementation. By sending specially crafted packets and performing a Bleichenbacher-style attack (a method of decrypting ciphertext by observing the behavior when a padding error occurs), an attacker could decrypt the ciphertext and disclose sensitive information.

CVE-2022-4304 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
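
To make the weakness class (CWE-208) concrete, the following added example, which is not code from the advisory or from the affected products, contrasts an early-exit check of PKCS #1 v1.5 encryption padding with a branch-free one. The function names and the constructed sample blocks are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* All-ones if x == 0, else 0, computed without a data-dependent branch. */
static uint32_t ct_is_zero(uint32_t x) {
    return 0u - (((x | (0u - x)) >> 31) ^ 1u);
}

/* Leaky form: returns at the first failed check, so the run time
 * reveals how far into the block the padding was valid.
 * Returns the message offset, or -1 if the padding is invalid. */
long unpad_leaky(const uint8_t *em, size_t k) {
    if (k < 11 || em[0] != 0x00 || em[1] != 0x02) return -1;
    size_t i = 2;
    while (i < k && em[i] != 0x00) i++;      /* stops at the separator */
    if (i == k || i < 10) return -1;         /* missing, or PS < 8 bytes */
    return (long)(i + 1);
}

/* Branch-free form: reads every byte and folds each check into a mask.
 * k (the modulus length) is public, so branching on it leaks nothing. */
long unpad_ct(const uint8_t *em, size_t k) {
    if (k < 11) return -1;
    uint32_t good = ct_is_zero(em[0]) & ct_is_zero(em[1] ^ 0x02u);
    uint32_t found = 0, sep = 0;
    for (size_t i = 2; i < k; i++) {
        uint32_t z = ct_is_zero(em[i]);
        sep |= (uint32_t)i & z & ~found;     /* index of the first 0x00 */
        found |= z;
    }
    good &= found;                           /* separator present */
    good &= ~(0u - ((sep - 10u) >> 31));     /* sep >= 10, i.e. PS >= 8 */
    /* offset if valid, -1 otherwise, selected by mask rather than branch */
    return (long)((sep + 1u) & good) - (long)(~good & 1u);
}

/* Constructed sample blocks (k = 16), not captured traffic. */
const uint8_t EM_OK[16]    = {0,2,1,2,3,4,5,6,7,8,0,'h','e','l','l','o'};
const uint8_t EM_TYPE[16]  = {0,1,1,2,3,4,5,6,7,8,0,'h','e','l','l','o'};
const uint8_t EM_SHORT[16] = {0,2,1,2,3,0,5,6,7,8,9,'h','e','l','l','o'};
const uint8_t EM_NOSEP[16] = {0,2,1,2,3,4,5,6,7,8,9,'h','e','l','l','o'};
```

The caller must also handle the -1 result without a distinguishable error response or delay, otherwise the same oracle reappears one layer up.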

3.2.2 DOUBLE FREE CWE-415

The affected products c

[…]

This article has been indexed from All CISA Advisories
