Mitsubishi Electric FA Engineering Software (Update A)

Plan Patch9.3ICS-CERT ICSA-23-269-03Sep 26, 2023

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Improper file permissions in Mitsubishi Electric FA Engineering software installation directories allow a local attacker to execute arbitrary code and modify system files. The vulnerability stems from incorrect access control on installation directories and allows an attacker with user-level access to inject code that executes with elevated privileges when other users run the affected tools. This affects 25 different engineering tools including PLC programmers, HMI designers, and device configuration utilities. Successful exploitation could result in unauthorized modification or deletion of PLC program files, safety configurations, and operational data, or denial of service to the engineering environment.

What this means

What could happen

An attacker with local access to an engineering workstation could execute arbitrary code and modify or delete engineering files, logic configurations, and operational data—potentially allowing unauthorized changes to PLC programs or loss of critical system configurations.

Who's at risk

Electrical utilities and manufacturing facilities using Mitsubishi Electric FA engineering software on Windows workstations for PLC programming and configuration. Affected tools include GX Works2/3 (PLC programming), GT Designer3 (HMI/operator interface design), FR Configurator2 (safety relay programming), and related configuration and monitoring utilities. Engineering staff who develop and maintain PLC logic and device configurations are at highest risk.

How it could be exploited

An attacker with user-level access to a Windows engineering workstation running the affected software could exploit improper file permissions in the installation directory to inject malicious code into system directories. The malicious code would execute with the privileges of the next user to run the tool, allowing code execution and file manipulation.

Prerequisites

Local access to the engineering workstation
User privileges (no administrative access required)
The affected software installed in a non-default location or with non-default permissions

Local access requiredImproper file permissions in installation directoryNo patch available for 13 products (end-of-life)Affects critical engineering tools used to configure PLCs and safety systemsCode execution with system-level privileges possible

Exploitability

Low exploit probability (EPSS 0.0%)

Affected products (26)

26 pending

ProductAffected VersionsFix Status

AL-PCS/WIN-E: vers:all/*All versionsNo fix yet

CPU Module Logging Configuration Tool: vers:all/*All versionsNo fix yet

EZSocket: vers:all/*All versionsNo fix yet

FR Configurator2: vers:all/*All versionsNo fix yet

FX Configurator-EN: vers:all/*All versionsNo fix yet

Remediation & Mitigation

0/16

Do now

0/1

HARDENINGInstall affected products (GX Works2, GX Works3, FR Configurator2, GT Designer3, and others listed) in default installation locations with correct file permissions

Schedule — requires maintenance window

0/14

Patching may require device reboot — plan for process interruption

Long-term hardening

0/1

HARDENINGRestrict local access to engineering workstations through physical security or endpoint access controls

CVEs (1)

CVE-2023-4088

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close