Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2020-5602 CVE-2020-5603 |
CWE-ID | CWE-611 CWE-400 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | CPU Module Logging Configuration Tool, CW Configurator, EM Software Development Kit, GT Designer3, GX LogViewer, GX Works2, GX Works3, M_CommDTM-HART, M_CommDTM-IO-Link, MELFA-Works, MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool, MELSOFT FieldDeviceConfigurator, MELSOFT iQ AppPortal, MELSOFT Navigator, MI Configurator, Motion Control Setting, MR Configurator2, MT Works2, RT ToolBox2, RT ToolBox3 (all categorised as Client/Desktop applications / Software for system administration) |
Vendor | Mitsubishi Electric |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU29429
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-5602
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: No
Description: The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can supply a specially crafted XML file to the product, causing it to send the contents of arbitrary files on the computer running the product to an external host, or to initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view the contents of arbitrary files on the affected system or to perform network scanning of internal and external infrastructure.
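The defensive counterpart to the XXE described above, as an added example (not code from Mitsubishi Electric or any of the listed products): an XML loader that refuses any DOCTYPE, since external entities can only be declared there. The file contents are constructed samples, and the product name, file layout and the `file:///etc/hostname` path are assumptions for illustration only.

```python
"""Added example: load a user-supplied XML project file without XXE exposure."""
import xml.parsers.expat as expat


class UnsafeXmlError(ValueError):
    """Raised when the document carries a DOCTYPE or an external entity."""


def parse_project_file(data: bytes) -> list[tuple[str, dict]]:
    """Parse XML and return (tag, attributes) pairs in document order.

    External entities (SYSTEM "file:///..." or "http://...") must be declared
    inside a DOCTYPE, so rejecting the DOCTYPE closes both the file-disclosure
    and the outbound-request paths. It also removes internal entity
    declarations, which is where entity-expansion bombs are built.
    """
    parser = expat.ParserCreate()
    elements: list[tuple[str, dict]] = []

    def reject_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXmlError(f"DOCTYPE {name!r} rejected (sysid={sysid!r})")

    def reject_external_entity(context, base, sysid, pubid):
        # Defence in depth: never fetch an external entity, DOCTYPE or not.
        raise UnsafeXmlError(f"external entity {sysid!r} rejected")

    parser.StartDoctypeDeclHandler = reject_doctype
    parser.ExternalEntityRefHandler = reject_external_entity
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    parser.StartElementHandler = lambda tag, attrs: elements.append((tag, dict(attrs)))
    try:
        parser.Parse(data, True)
    except expat.ExpatError as exc:
        raise UnsafeXmlError(f"malformed XML: {exc}") from exc
    return elements


# Constructed benign project file (hypothetical layout).
BENIGN = b'<?xml version="1.0"?><project name="line1"><device ip="10.0.0.5"/></project>'

# Constructed unsafe file: a naive parser would read the local file named in the
# entity and embed it in the document (or fetch an http:// URL for SSRF).
XXE = (b'<?xml version="1.0"?>'
       b'<!DOCTYPE project [<!ENTITY xxe SYSTEM "file:///etc/hostname">]>'
       b'<project name="&xxe;"/>')


def is_accepted(data: bytes) -> bool:
    """True if the loader accepts the file, False if it rejected it as unsafe."""
    try:
        parse_project_file(data)
        return True
    except UnsafeXmlError:
        return False
```

`is_accepted(BENIGN)` returns True and `is_accepted(XXE)` returns False; the loader never reaches the entity reference in the second file because parsing stops at the DOCTYPE.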
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
CPU Module Logging Configuration Tool: - - 1.94Y
CW Configurator: - - 1.010L
EM Software Development Kit: - - 1.010L
GT Designer3: - - 1.221F
GX LogViewer: - - 1.96A
GX Works2: - - 1.586L
GX Works3: - - 1.058L
M_CommDTM-HART: - - 1.00A
M_CommDTM-IO-Link: - - 1.02C
MELFA-Works: - - 4.3
MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool: - - 1.004E
MELSOFT FieldDeviceConfigurator: - - 1.03D
MELSOFT iQ AppPortal: - - 1.11M
MELSOFT Navigator: - - 1.003D
MI Configurator: - - 1.003D
Motion Control Setting: - - 1.005F
MR Configurator2: - - 1.72A
MT Works2: - - 1.156N
RT ToolBox2: - - 3.72A
RT ToolBox3: - - 1.50C
References:
https://jvn.jp/en/vu/JVNVU90307594/index.html
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-004_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU29430
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-5603
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because the application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions:
CPU Module Logging Configuration Tool: - - 1.94Y
CW Configurator: - - 1.010L
EM Software Development Kit: - - 1.010L
GT Designer3: - - 1.221F
GX LogViewer: - - 1.96A
GX Works2: - - 1.586L
GX Works3: - - 1.058L
M_CommDTM-HART: - - 1.00A
M_CommDTM-IO-Link: - - 1.02C
MELFA-Works: - - 4.3
MELSEC-L Flexible High-Speed I/O Control Module Configuration Tool: - - 1.004E
MELSOFT FieldDeviceConfigurator: - - 1.03D
MELSOFT iQ AppPortal: - - 1.11M
MELSOFT Navigator: - - 1.003D
MI Configurator: - - 1.003D
Motion Control Setting: - - 1.005F
MR Configurator2: - - 1.72A
MT Works2: - - 1.156N
RT ToolBox2: - - 3.72A
RT ToolBox3: - - 1.50C
References:
https://jvn.jp/en/vu/JVNVU90307594/index.html
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-004_en.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.