Mitsubishi Electric MELFA SD/SQ series and F-series Robot Controllers

Plan PatchCVSS 7.5ICS-CERT ICSA-23-026-05Jan 26, 2023

Mitsubishi ElectricEnergy

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Mitsubishi Electric MELFA SD/SQ Series and F-Series Robot Controllers contain an authorization bypass vulnerability (CWE-489) that allows an attacker to gain unauthorized access to the controller without valid credentials. Affected firmware versions include MELFA SD/SQ Series firmware S7x and R7x, and MELFA F-Series firmware S7x and R7x. Successful exploitation enables an attacker to take control of the robot controller and potentially modify its behavior. Mitsubishi Electric has released updated firmware versions (S7y and R7y for both series) to address the issue.

What this means

What could happen

An attacker with network access to the robot controller could gain unauthorized access and modify control logic, potentially causing the robot to execute unintended movements or stop operation during critical manufacturing or assembly processes.

Who's at risk

Manufacturing and assembly operations using Mitsubishi Electric MELFA SD/SQ Series or F-Series Robot Controllers should assess this risk. These controllers are commonly used in automotive, electronics, and general factory automation where robots perform critical assembly, welding, or material handling tasks.

How it could be exploited

An attacker on the network sends a specially crafted request to the robot controller's management interface. The controller lacks proper access controls, allowing the attacker to authenticate without valid credentials and gain full control of the device.

Prerequisites

Network connectivity to the robot controller
The controller is reachable from an untrusted network or the internet
No network segmentation isolating the controller

remotely exploitableno authentication requiredlow complexityaffects critical manufacturing equipmentno patch available for older firmware versions

Exploitability

Some exploitation risk — EPSS score 1.1%

Affected products (4)

4 with fix

ProductAffected VersionsFix Status

MELFA SD/SQ series and F-series Robot Controllers: MELFA SD/SQ Series: firmware≤ S7xS7y+

MELFA SD/SQ series and F-series Robot Controllers: MELFA SD/SQ Series: firmware≤ R7xS7y+

MELFA SD/SQ series and F-series Robot Controllers: MELFA F-Series: firmware≤ S7xS7y+

MELFA SD/SQ series and F-series Robot Controllers: MELFA F-Series: firmware≤ R7xS7y+

Remediation & Mitigation

0/7

Do now

0/2

WORKAROUNDDeploy firewall rules to block unauthorized network access to the robot controller from untrusted networks and the internet

WORKAROUNDIf internet access is required for remote support, use a VPN with current security patches to restrict direct exposure

Schedule — requires maintenance window

0/4

Patching may require device reboot — plan for process interruption

HOTFIXUpdate MELFA SD/SQ Series to firmware version S7y or later

HOTFIXUpdate MELFA SD/SQ Series to firmware version R7y or later

HOTFIXUpdate MELFA F-Series to firmware version S7y or later

HOTFIXUpdate MELFA F-Series to firmware version R7y or later

Long-term hardening

0/1

HARDENINGIsolate robot controller networks from business networks using network segmentation

CVEs (1)

CVE-2022-33323

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/08133f9b-da98-4645-90cb-05ccb8978c77

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.