CISA has issued three Industrial Control Systems (ICS) advisories addressing critical vulnerabilities in Rockwell Automation FactoryTalk Activation, Mitsubishi Electric Factory Automation Products, and Unitronics Vision and Samba Series. The advisories provide details on the risks, affected products, and technical aspects of the vulnerabilities. For Rockwell Automation, a buffer overflow vulnerability in FactoryTalk Activation Manager poses a significant risk, potentially allowing attackers to gain full access to the system.
Mitsubishi Electric faces issues such as observable timing discrepancies and double free vulnerabilities in multiple Factory Automation Products, with successful exploitation leading to information disclosure and denial-of-service conditions. Unitronics Vision and Samba Series are affected by a severe vulnerability involving the use of default administrative passwords, enabling unauthenticated attackers to take administrative control of the systems.
The Rockwell Automation FactoryTalk Activation vulnerability (CVE-2023-38545) is characterized by an out-of-bounds write, and another vulnerability (CVE-2023-3935) involves a heap buffer overflow in Wibu CodeMeter Runtime network service. Mitsubishi Electric’s Factory Automation Products exhibit observable timing discrepancies, double free vulnerabilities, and type confusion, potentially leading to information disclosure and denial-of-service conditions.
The Unitronics Vision and Samba Series vulnerability (CVE-2023-6448) highlight the use of default administrative passwords, allowing unauthenticated attackers to take control of the system. The affected products span critical infrastructure sectors globally, emphasizing the need for prompt mitigation to secure industrial control systems from potential exploitation.
CISA urges organizations in critical manufacturing, water and wastewater sectors, and other relevant areas to take immediate action in response to these advisories. The comprehensive details provided in the advisories serve as a crucial resource for system administrators and cybersecurity professionals tasked with securing industrial control systems against potential threats and unauthorized access.