January 13, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Lazarus (aka Hidden Cobra) APT Group – Active IOCs
November 3, 2023
Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
November 5, 2023
Rewterz Threat Alert – Lazarus (aka Hidden Cobra) APT Group – Active IOCs
November 3, 2023
Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
November 5, 2023
Severity
Medium
Analysis Summary
CVE-2023-2060 CVSS:7.5
Mitsubishi Electric MELSEC iQ-R could allow a remote attacker to obtain sensitive information, caused by weak password requirements. An attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-2061 CVSS:6.2
Mitsubishi Electric MELSEC iQ-R contains default hardcoded passwords. A local attacker could exploit this vulnerability to gain access to the system.
CVE-2023-2062 CVSS:6.2
Mitsubishi Electric MELSEC iQ-R could allow a local attacker to obtain sensitive information, caused by missing password field masking. An attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-2063 CVSS:6.3
Mitsubishi Electric MELSEC iQ-R could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system.
CVE-2022-40268 CVSS:6.1
Multiple Mitsubishi Electric GOT and GT products could allow a remote attacker to conduct clickjacking attack, caused by improper restriction of rendered UI layers or frames. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to hijack the clicking actions of another user.
CVE-2022-40269 CVSS:6.8
Multiple Mitsubishi Electric GOT and GT products could allow a remote attacker to conduct spoofing attacks. By abusing inappropriate HTML attribute, an attacker could exploit this vulnerability to impersonate legitimate users or obtain sensitive information.
Impact
- Information Disclosure
- Gain Access
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-2060
- CVE-2023-2061
- CVE-2023-2062
- CVE-2023-2063
- CVE-2022-40268
- CVE-2022-40269
Affected Vendors
Mitsubishi Electric
Affected Products
- Mitsubishi Electric MELSEC iQ-F
- iQ-R Series
- Mitsubishi Electric GOT2000 series GT25 Model
- Mitsubishi Electric GOT2000 series GT27 Model
- Mitsubishi Electric GT SoftGOT2000
Remediation
Refer to Mitsubishi Electric Advisory for patch, upgrade or suggested workaround information.
Mitsubishi Electric MELSEC iQ-F, iQ-R Series
Mitsubishi Electric GOT2000 series GT25 Model, GT27 Model, and GT SoftGOT2000