Palo Alto Networks has disclosed the details of five high-severity vulnerabilities affecting Iconics and Mitsubishi Electric supervisory control and data acquisition (SCADA) products.
Impacted products include Genesis64 and MC Works64. The same vulnerabilities affect both Iconics and Mitsubishi Electric products because the former is part of the latter.
The SCADA vulnerabilities include DLL hijacking (CVE-2024-1182), incorrect default permission (CVE-2024-7587), uncontrolled search path element (CVE-2024-8299 and CVE-2024-9852), and dead code (CVE-2024-8300) issues.
Exploitation of all these security holes requires authentication, but they can allow attackers who have already gained access to the targeted organization’s systems to execute arbitrary code, elevate privileges, and manipulate critical files.
In a real world attack aimed at industrial systems, an attacker could leverage the SCADA vulnerabilities to cause disruption and in some cases to take full control of a system.
“In combination, these vulnerabilities pose a risk to the confidentiality, integrity and availability of a system,” the cybersecurity firm warned.
Palo Alto noted that the vulnerabilities could be valuable to attackers considering that the Iconics and Mitsubishi Electric products have hundreds of thousands of installations around the world, including in sectors such as government, military, water, manufacturing, and energy.
The vulnerabilities were discovered by the security firm in early 2024 in Iconics Suite and Mitsubishi Electric MC Works versions 10.97.2 and 10.97.3 for Windows. Patches and mitigations were released last year.
The existence of the security holes came to light in 2024, when the cybersecurity agency CISA and the impacted vendors published advisories and announced patches and mitigations.
Related: Organizations Still Not Patching OT Due to Disruption Concerns
Related: ICS/OT Security Budgets Increasing, but Critical Areas Underfunded
Related: Free Diagram Tool Aids Management of Complex ICS/OT Cybersecurity Decisions