SB2023100630 - Multiple vulnerabilities in Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2022-4304)

The vulnerability allows a remote attacker to obtain sensitive information.

The vulnerability exists due to a timing based side channel exists in the OpenSSL RSA Decryption implementation. A remote attacker can perform a Bleichenbacher style attack and decrypt data sent over the network.

To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.

2) Double Free (CVE-ID: CVE-2022-4450)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the PEM_read_bio_ex() function. A remote attacker can pass specially crafted PEM file to the application, trigger a double free error and perform a denial of service (DoS) attack.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-03"
• https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-03</a></p><p>
• https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-011_en.pdf</p><p><br></p>