Asher Davila

**Name of the Vulnerable Software and Affected Versions** Mitsubishi Electric GENESIS64 all versions Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions Mitsubishi Electric ICONICS Suite all versions Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions Mitsubishi Electric MC Works64 all versions Mitsubishi Electric GENESIS version 11.00 Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00 Mitsubishi Electric GENESIS32 all versions Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions Mitsubishi Electric BizViz all versions Mitsubishi Electric Iconics Digital Solutions BizViz all versions Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions prior to 10.97.3 **Description** An execution with unnecessary privileges issue exists in multiple Mitsubishi Electric products. A local authenticated attacker can perform unauthorized writes to arbitrary files by creating a symbolic link from a file used as a write destination to a target file. This could allow the attacker to destroy files on an affected system, potentially leading to a denial-of-service (DoS) condition if the destroyed file is critical for system operation. The vulnerability impacts the Pager agent of the multi-agent notification feature in Mitsubishi Electric Iconics Digital Solutions GENESIS64. Reports indicate this issue could affect critical industrial systems and lead to a DoS attack. **Recommendations** Mitsubishi Electric GENESIS64: Update to a version later than 10.97.3. Mitsubishi Electric Iconics Digital Solutions GENESIS64: Update to a version later than 10.97.3. Mitsubishi Electric ICONICS Suite: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric Iconics Digital Solutions ICONICS Suite: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric MC Works64: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric GENESIS version 11.00: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric GENESIS32: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric Iconics Digital Solutions GENESIS32: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric BizViz: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Mitsubishi Electric Iconics Digital Solutions BizViz: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ICONICS GENESIS64 all versions Mitsubishi Electric GENESIS64 all versions Mitsubishi Electric MC Works64 all versions **Description** The issue is related to an uncontrolled search path element, which can be exploited by a local authenticated attacker to execute malicious code. This is achieved by storing a specially crafted DLL in a specific folder, potentially leading to information disclosure, tampering, destruction, or deletion, as well as causing a denial of service (DoS) condition on the affected products. **Recommendations** For ICONICS GENESIS64 all versions, consider disabling the ability to store DLL files in specific folders as a temporary workaround until a patch is available. For Mitsubishi Electric GENESIS64 all versions, restrict access to folders where DLL files can be stored to minimize the risk of exploitation. For Mitsubishi Electric MC Works64 all versions, avoid using folders that allow the storage of specially crafted DLL files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Mitsubishi Electric FA Connector SCADA-system GENESIS64 versions 10.97.2 through 10.97.3 ICONICS GENESIS64 versions 10.97.2 through 10.97.3 **Description** The issue is related to the presence of dead code in the GENESIS64 system, which can be exploited by a local authenticated attacker to execute malicious code by tampering with a specially crafted DLL. This could lead to disclosure, tampering with, destruction, or deletion of information in the affected products, or cause a denial of service (DoS) condition on the products. **Recommendations** For Mitsubishi Electric FA Connector SCADA-system GENESIS64 versions 10.97.2 through 10.97.3, update to a version that does not contain the dead code vulnerability. For ICONICS GENESIS64 versions 10.97.2 through 10.97.3, update to a version that does not contain the dead code vulnerability. As a temporary workaround, consider restricting access to the DLL files to prevent tampering until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ICONICS GENESIS64 all versions Mitsubishi Electric GENESIS64 all versions Mitsubishi Electric MC Works64 all versions **Description** The issue is related to an uncontrolled search path element, which can be exploited by a local authenticated attacker to execute malicious code. This could lead to unauthorized access to read, modify, or delete data, execute arbitrary code, or cause a denial of service condition. The vulnerability allows an attacker to store a specially crafted DLL in a specific folder, potentially resulting in the disclosure, tampering, destruction, or deletion of information in the affected products. **Recommendations** For ICONICS GENESIS64 all versions, consider disabling the vulnerable component until a patch is available. For Mitsubishi Electric GENESIS64 all versions, restrict access to the specific folder where the malicious DLL can be stored. For Mitsubishi Electric MC Works64 all versions, avoid using the vulnerable search path element until the issue is resolved. As a temporary workaround, consider restricting the execution of malicious code by implementing additional security measures, such as monitoring and controlling the storage of DLL files in specific folders. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ICONICS GENESIS64 versions 10.97.3 and prior Mitsubishi Electric GENESIS64 versions 10.97.3 and prior Mitsubishi Electric MC Works64 all versions **Description** The issue is related to incorrect default permissions in GenBroker32, which is included in the installers for the mentioned products. This allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorrect permissions, when GenBroker32 is installed on the same PC as GENESIS64 or MC Works64. **Recommendations** For ICONICS GENESIS64 versions 10.97.3 and prior, consider disabling the GenBroker32 component until a patch is available. For Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, restrict access to the folder with incorrect permissions to minimize the risk of exploitation. For Mitsubishi Electric MC Works64 all versions, avoid using the vulnerable GenBroker32 component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.