![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory –ICS: Johnson Controls OpenBlue Enterprise Manager Data Collector Vulnerabilities
May 22, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-28709 – Apache Tomcat Vulnerability
May 23, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory –ICS: Johnson Controls OpenBlue Enterprise Manager Data Collector Vulnerabilities
May 22, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-28709 – Apache Tomcat Vulnerability
May 23, 2023Severity
High
Analysis Summary
CVE-2023-1618
Mitsubishi Electric MELSEC WS Series could allow a remote attacker to bypass security restrictions, caused by the existence of a hidden telnet function enabled by default. By sending a specially crafted request via telnet, an attacker could exploit this vulnerability to log in to the module.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-1618
Affected Vendors
Mitsubishi Electric
Affected Products
- Mitsubishi Electric WS0-GETH00200
Remediation
Refer to Mitsubishi Electric Security Advisory for patch, upgrade or suggested workaround information.