Main Vulnerability Database Vulnerabilities #VU76370

#VU76370 Active Debug Code in WS0-GETH00200 - CVE-2023-1618

Published: May 19, 2023

Vulnerability identifier: #VU76370

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-1618

CWE-ID: CWE-489

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
WS0-GETH00200

Software vendor:
Mitsubishi Electric

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the hidden telnet function is enabled by default when shipped from the factory. A remote attacker can log into the affected module by connecting to it via telnet.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-02
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-002_en.pdf

#VU76370 Active Debug Code in WS0-GETH00200 - CVE-2023-1618

Description

Remediation

External links

Please verify you're human