Mitsubishi Electric GT Designer3
Monitor · 5.1 · ICS-CERT ICSA-25-350-04 · Dec 16, 2025
Attack Vector: Local
Auth Required: None
Complexity: High
User Interaction: None needed
Summary
GT Designer3 Version1 for GOT2000 and GOT1000 series stores plaintext credentials in project files. An attacker with access to a project file can extract these credentials and use them to log into a GOT2000 or GOT1000 operator terminal to perform unauthorized operations. No vendor patch is available.
What this means
What could happen
An attacker who gains access to a GT Designer3 project file can extract plaintext credentials and use them to remotely control GOT2000 or GOT1000 operator terminals, potentially modifying process setpoints or disabling alarms in energy infrastructure.
Who's at risk
Energy utilities operating GOT2000 and GOT1000 series operator terminals should be concerned. The risk is highest for organizations that use GT Designer3 to manage terminal configurations and allow workstations to connect to untrusted networks or receive email with project files.
How it could be exploited
An attacker obtains a GT Designer3 project file (via email, file share, or compromised workstation) and extracts plaintext credentials stored in the file. The attacker then uses those credentials to log into a GOT2000 or GOT1000 terminal over the network and execute unauthorized operations.
Prerequisites
- Access to a GT Designer3 project file (local file access or social engineering)
- Network connectivity to a GOT2000 or GOT1000 device
- Knowledge that credentials are embedded in the project file
- No patch available
- Local file access required but credentials stored in plaintext
- Affects supervisory/HMI systems
- Project files commonly shared via email or file systems
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 EOL
Product | Affected Versions | Fix Status
GT Designer3 Version1 (GOT2000): vers:all/* | All versions | No fix (EOL)
GT Designer3 Version1 (GOT1000): vers:all/* | All versions | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Restrict GT Designer3 workstations to LAN-only use; block all remote access from untrusted networks
- HARDENING: If internet connectivity is required, deploy firewall rules or VPN to allow only trusted users to access the workstation remotely
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: Install and maintain antivirus software on all GT Designer3 workstations
Mitigations - no patch available
The following products have reached End of Life with no planned fix: GT Designer3 Version1 (GOT2000): vers:all/*, GT Designer3 Version1 (GOT1000): vers:all/*. Apply the following compensating controls:
- HARDENING: Train users not to open project files from untrusted sources
CVEs (1)