Vulnerability identifier: #VU54512
Vulnerability risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-611
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
G-50A
Hardware solutions /
Firmware
GB-50A
Hardware solutions /
Firmware
GB-24A
Hardware solutions /
Firmware
AG-150A-A
Hardware solutions /
Firmware
AG-150A-J
Hardware solutions /
Firmware
GB-50ADA-A
Hardware solutions /
Firmware
GB-50ADA-J
Hardware solutions /
Firmware
EB-50GU-A
Hardware solutions /
Firmware
EB-50GU-J
Hardware solutions /
Firmware
AE-200A
Hardware solutions /
Firmware
AE-200E
Hardware solutions /
Firmware
AE-50A
Hardware solutions /
Firmware
AE-50E
Hardware solutions /
Firmware
EW-50A
Hardware solutions /
Firmware
EW-50E
Hardware solutions /
Firmware
TE-200A
Hardware solutions /
Firmware
TE-50A
Hardware solutions /
Firmware
TW-50A
Hardware solutions /
Firmware
CMS-RMD-J
Hardware solutions /
Firmware
PAC-YG50ECA
Hardware solutions /
Firmware
BAC-HD150
Hardware solutions /
Firmware
Vendor: Mitsubishi Electric
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
G-50A: 3.35
GB-50A: 3.35
GB-24A: 9.11
AG-150A-A: 3.20
AG-150A-J: 3.20
GB-50ADA-A: 3.20
GB-50ADA-J: 3.20
EB-50GU-A: 7.09
EB-50GU-J: 7.09
AE-200A: 7.93
AE-200E: 7.93
AE-50A: 7.93
AE-50E: 7.93
EW-50A: 7.93
EW-50E: 7.93
TE-200A: 7.93
TE-50A: 7.93
TW-50A: 7.93
CMS-RMD-J: 1.30
PAC-YG50ECA: 2.20
BAC-HD150: 2.21
External links
http://ics-cert.us-cert.gov/advisories/icsa-21-182-05
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.