Mitsubishi Electric MELSEC iQ-R Series Insufficiently Protected Credentials (CVE-2021-20597)

critical Tenable OT Security Plugin ID 500550

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to log in to the target without authorization by sniffing network traffic and obtaining credentials when user information is registered in the target or a password is changed.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Users of the affected products and versions may take measures through mitigations and workarounds. Mitsubishi Electric has released the fixed versions for CVE-2021-20594 and CVE-2021-20597 as shown below, but it is not possible to update the product to the fixed version.

- MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU: Firmware versions "27" or later
- MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU: Firmware versions "12" or later

Mitsubishi Electric recommends users take the following mitigation measures to minimize the risk of exploiting these vulnerabilities:

- Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
- Use within a LAN and block access from untrusted networks and hosts through firewalls.
- Use the IP filter function to restrict the accessible IP addresses (see MELSEC iQ-R Ethernet User's Manual (Application), 1.13 Security, "IP filter").
- Register user information or change the password via USB. If you have already registered user information or changed the user's password via the network, change the password once via USB. This mitigation is applicable to CVE-2021-20597.

Additional information about these vulnerabilities or Mitsubishi Electric's compensating control is available by contacting a Mitsubishi Electric representative.

Users should refer to Mitsubishi Electric advisories 2021-008, 2021-009, and 2021-010 for further details.

See Also

https://jvn.jp/vu/JVNVU98578731/index.html

http://www.nessus.org/u?793f9b44

https://www.cisa.gov/news-events/ics-advisories/icsa-21-250-01

Plugin Details

Severity: Critical

ID: 500550

Version: 1.11

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 4/25/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2021-20597

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:mitsubishielectric:r08sfcpu_firmware, cpe:/o:mitsubishielectric:r120sfcpu_firmware, cpe:/o:mitsubishielectric:r16sfcpu_firmware, cpe:/o:mitsubishielectric:r32sfcpu_firmware, cpe:/o:mitsubishielectric:r08psfcpu_firmware, cpe:/o:mitsubishielectric:r120psfcpu_firmware, cpe:/o:mitsubishielectric:r16psfcpu_firmware, cpe:/o:mitsubishielectric:r32psfcpu_firmware

Required KB Items: Tenable.ot/Mitsubishi

Exploit Ease: No known exploits are available

Patch Publication Date: 8/6/2021

Vulnerability Publication Date: 8/6/2021

Reference Information

CVE: CVE-2021-20597

CWE: 522