Mitsubishi Electric Electrical discharge machines

Act NowCVSS 9.8ICS-CERT ICSA-24-051-03Feb 20, 2024

Mitsubishi ElectricEnergy

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

A vulnerability in Mitsubishi Electric EDM (electrical discharge machine) D-CUBES control systems (CWE-20: improper input validation) allows unauthenticated attackers to gain code execution and control the machine. Affected products include Wire-cut EDM MP, MX, and MV series, and Sinker EDM SV-P and SG series machines. An attacker can disclose, tamper with, or destroy data on the machine, or cause a denial-of-service condition. Mitsubishi Electric recommends installing Special Modification Patch BRD-C62W003-A0 on Standard system controllers (BRD-B60W000 and BRD-M60W000), but has not released fixes for Special system controllers (BRD-B63W000, BRD-M63W000). Mitigations include firewall restrictions, network segmentation, physical access controls, and antivirus deployment on connected computers.

What this means

What could happen

An attacker with network access to an affected Mitsubishi Electric EDM machine could run arbitrary code on the device, potentially altering cutting parameters, stopping production, or corrupting tool data. This could cause product defects, equipment damage, or extended downtime.

Who's at risk

Manufacturers operating Mitsubishi Electric wire-cut EDM (MP, MX, MV series) and sinker EDM (SV-P, SG series) machines with D-CUBES control systems should be concerned. This affects precision manufacturing facilities that use these machines for metal cutting and component finishing.

How it could be exploited

An attacker on the network reaches the EDM machine's control interface (D-CUBES system) without authentication, sends a crafted input, and gains code execution. The attacker can then issue commands to alter machine setpoints, disable safety interlocks, or erase configuration data.

Prerequisites

Network access to the EDM machine control port or interface
No credentials required to trigger the vulnerability

Remotely exploitableNo authentication requiredLow complexityHigh EPSS score (92.2%)No patch available for many affected versionsAffects industrial production equipment

Exploitability

Likely to be exploited — EPSS score 91.9%

Metasploit module available — weaponized exploitView module ↗

Public Proof-of-Concept (PoC) on GitHub (5 repositories)

Affected products (32)

32 pending

ProductAffected VersionsFix Status

Wire-cut EDM MP Series MP4800 D-CUBES Series Special system BRD-B63W000 to W036: vers:all/*All versionsNo fix yet

Wire-cut EDM MX Series MX900 D-CUBES Series Standard system BRD-B60W000: <=B13__without_Special_Modification_Patch_BRD-C62W003-A0_installed≤ B13 without Special Modification Patch BRD-C62W003-A0 installedNo fix yet

Wire-cut EDM MX Series MX2400 D-CUBES Series Standard system BRD-B60W000: <=B13__without_Special_Modification_Patch_BRD-C62W003-A0_installed≤ B13 without Special Modification Patch BRD-C62W003-A0 installedNo fix yet

Wire-cut EDM MX Series MX900 D-CUBES Series Special system BRD-B63W000 to W036: vers:all/*All versionsNo fix yet

Wire-cut EDM MX Series MX2400 D-CUBES Series Special system BRD-B63W000 to W036: vers:all/*All versionsNo fix yet

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDImplement network-based firewall rules to restrict access to EDM machine control interfaces from untrusted networks and hosts

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXInstall Mitsubishi Electric Special Modification Patch BRD-C62W003-A0 on all affected Standard system controllers

HARDENINGDeploy anti-virus and endpoint detection software on all computers that can communicate with the EDM machines

Long-term hardening

0/2

HARDENINGRestrict physical access to affected EDM machines and connected workstations to authorized personnel only

HARDENINGSegment EDM machines and engineering workstations from general corporate network using VLAN or air-gapped controls network

CVEs (1)

CVE-2023-21554

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/ef80219f-b8f1-436c-b77a-a46c3fc499bc

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.