Attacks and Vulnerabilities
Building Management Systems
Critical infrastructure
Industrial Cyber Attacks
Industries
Manufacturing
Mining, Oil & Gas
News
Technology & Solutions
Transportation
Utilities: Energy & Power, Water, Waste
Vulnerabilities

Several DoS vulnerabilities detected in Mitsubishi GOT, Tension Controller

September 07, 2021
Tension Controller

Mitsubishi Electric revealed that multiple Denial of Service (DoS) vulnerabilities exist in the TCP/IP protocol stack of its GOT (Graphic Operation Terminal) and Tension Controller because of improper handling of exceptional conditions and improper input validation. These security loopholes may be used by a remote attacker to cause a DoS condition of GOT and Tension Controller by sending specially crafted packets.

Mitsubishi GOT and Tension Controller products are used globally in the critical manufacturing sector.

The affected products and versions of the Mitsubishi GOT Series under the GOT2000 series include the GT21 model. Under this model, all versions of GT2107-WTBD, GT2107-WTSD, GT2104-RTBD, GT2104-PMBD, and GT2103-PMBD are affected, Mitsubishi said in its advisory. The company also found security loopholes in its GOT SIMPLE series, GS21 model across all versions of its GS2110-WTBD, GS2107-WTBD, GS2110-WTBD-N, and GS2107-WTBD-N products.

In the case of the Tension Controller, Mitsubishi identified that all versions of the LE7-40GU-L product line were affected by security vulnerabilities.

The Mitsubishi GOT is a Human-Machine Interface (HMI) that delivers advanced functionality, acts as a seamless gateway to other industrial automation devices while increasing productivity and efficiency. It helps to downsize the operation panel, as switches and lamps are created using software, the number of components attached to the operation panel as hardware can be reduced and the panel itself can be downsized. It also cuts down wiring costs between components inside the operation panel.

The Mitsubishi Tension Controller delivers functions necessary for ‘tension control’ that is contained in the small form factor. In addition to the control functions, the tension controller has an easy-to-see display and a user-friendly panel. It has a power amplifier output for powder clutch/brake, and you can easily introduce highly functional tension control. Complete with network functions, the tension controllers come with Ethernet and RS-485 communication as standard built-in functions. 

Mitsubishi Electric has advised its users to minimize the risk of exploiting this vulnerability by using a firewall or virtual private network (VPN) to prevent unauthorized access when Internet access is required. It also advised using within a LAN and blocking access from untrusted networks and hosts through firewalls, and using the IP filter function to restrict the accessible IP addresses. 

In May, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory on the presence of buffer access with incorrect length value vulnerability in Mitsubishi’s GOT and Tension Controller. The exploitation of the vulnerability may be able to stop the communication function of the products, requiring a reset to regain functionality, it added.

Nozomi Networks Labs identified last month the presence of five vulnerabilities affecting Mitsubishi’s safety programmable logic controller (PLCs) that relate to the authentication of the MELSOFT communication protocol. An initial set of vulnerabilities were disclosed to the vendor through Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in January this year. A second set was disclosed more recently through the same process.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Armis
Armis acquires Silk Security for $150 million to enhance AI-driven cybersecurity capabilities
Nozomi discovers five vulnerabilities in AMI MegaRAC SP-X BMC, exposing OT, IOT devices to RCE attacks
Nozomi secures US$1.25 million US Air Force contract to boost DoD critical infrastructure security
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
House Energy and Commerce Committee members seek answers from UnitedHealth on Change healthcare cyberattack
House Energy and Commerce Committee members seek answers from UnitedHealth on Change healthcare cyberattack
CISA announces Cyber Storm IX cybersecurity exercise to strengthen national cyber readiness
CISA announces Cyber Storm IX cybersecurity exercise to strengthen national cyber readiness
New NSA guidance identifies need to update AI systems to address changing risks, bolster security
New NSA guidance identifies need to update AI systems to address changing risks, bolster security
Claroty’s Team82 details cyber attack by Blackjack hackers on Moscow's emergency detection systems
Claroty’s Team82 details cyber attack by Blackjack hackers on Moscow’s emergency detection systems
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations