Rewterz Threat Advisory – ICS: Mitsubishi Electric CNC Series Vulnerability

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

August 4, 2023

Rewterz Threat Advisory – Multiple IBM Cognos Analytics Vulnerabilities

August 4, 2023

Rewterz Threat Advisory – ICS: Mitsubishi Electric CNC Series Vulnerability

Severity

High

Analysis Summary

CVE-2023-3346

Mitsubishi Electric CNC Series is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially crafted packet, a remote attacker could overflow a buffer and execute arbitrary code on the system.

Impact

Buffer Overflow

Indicators Of Compromise

CVE

CVE-2023-3346

Affected Vendors

Mitsubishi Electric

Affected Products

Mitsubishi Electric M800VW
Mitsubishi Electric M800VS
Mitsubishi Electric M80V
Mitsubishi Electric M80VW
Mitsubishi Electric M800W
Mitsubishi Electric M800S
Mitsubishi Electric M80
Mitsubishi Electric M80W

Remediation

Refer to CISA-CERT Advisory for the patch, upgrade, or suggested workaround information.

CISA-CERT Advisory

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Rewterz Threat Advisory – Multiple IBM Cognos Analytics Vulnerabilities

Rewterz Threat Advisory – ICS: Mitsubishi Electric CNC Series Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan