Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC-F Series

Rewterz Threat Advisory – CVE-2022-23222 – Linux Kernel Vulnerability

January 17, 2022

Rewterz Threat Advisory – CVE-2021-39032 – IBM Sterling Gentran: Server for Windows

January 17, 2022

Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC-F Series

Severity

High

Analysis Summary

CVE-2021-20613

An attacker could send a specially crafted packet that could create a denial-of-service condition in the communication function of the product. A system reset is required for recovery.

CVE-2021-20612

The affected product is vulnerable due to a lack of administrative controls, which may allow an attacker to remotely send specially crafted packets and cause a denial-of-service condition or other unspecified effects.

Impact

Denial of Service

Affected Vendors

Mitsubishi Electric

Affected Products

Mitsubishi FX3U-ENET 1.14
Mitsubishi FX3U-ENET-L 1.14
Mitsubishi FX3U-ENET-P502 1.14

Remediation

Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.
CVE-2021-20613

https://www.cisa.gov/uscert/ics/advisories/icsa-22-013-07

CVE-2021-20612

https://www.cisa.gov/uscert/ics/advisories/icsa-22-013-01

Rewterz Threat Advisory – CVE-2022-23222 – Linux Kernel Vulnerability

Rewterz Threat Advisory – CVE-2021-39032 – IBM Sterling Gentran: Server for Windows

Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC-F Series

Severity

Analysis Summary

CVE-2021-20613

CVE-2021-20612

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan