OTPulse
FeedAboutContact

Mitsubishi Electric GX Works2

Low Risk2.9ICS-CERT ICSA-23-331-03Nov 28, 2023
Attack VectorLocal
Auth RequiredNone
ComplexityHigh
User InteractionNone needed
Summary

A denial-of-service vulnerability exists in the simulation function of Mitsubishi Electric GX Works2 due to improper input validation. An attacker with local access to an engineering workstation could send specially crafted packets to crash the simulation function. No public exploitation has been reported, and the vulnerability cannot be exploited remotely.

What this means
What could happen
A local attacker with access to an engineering workstation running GX Works2 could send specially crafted packets to the simulation function, causing the application to crash and temporarily halt simulation activities.
Who's at risk
Engineering and control system operators at utilities and energy facilities who use Mitsubishi Electric GX Works2 for programming and simulation of PLC and control equipment. This affects all versions of the software.
How it could be exploited
An attacker must first obtain local access to a computer running GX Works2 (typically an engineering workstation). They then send specially crafted input packets to the simulation function, which fails to validate the input properly and crashes. The attack requires the simulation function to be active.
Prerequisites
  • Local access to the engineering workstation running GX Works2
  • GX Works2 simulation function must be active
  • Ability to send specially crafted packets to the simulation interface
no patch availablelocal access requiredhigh attack complexityaffects engineering/development workflow
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
GX Works2: vers:all/*All versionsNo fix (EOL)
Remediation & Mitigation
0/4
Schedule — requires maintenance window
0/3

Patching may require device reboot — plan for process interruption

HARDENINGInstall and maintain current antivirus software on all engineering workstations running GX Works2
HARDENINGKeep engineering workstations with GX Works2 isolated to the LAN and block remote login from untrusted networks and users
HARDENINGUse firewall and/or VPN to restrict access to engineering workstations if Internet connectivity is required; allow only trusted users to log in remotely
Mitigations - no patch available
0/1
GX Works2: vers:all/* has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGImplement user awareness training: do not open untrusted files or click untrusted links on engineering workstations
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/dd1c45b4-bf84-4426-b300-9b3231553b9e
Mitsubishi Electric GX Works2 | CVSS 2.9 - OTPulse