CISA has published an advisory on a permission issues vulnerability in Mitsubishi Electric Multiple Factory Automation Engineering Software Products. Multiple products and versions of the products are affected. Successful exploitation of this vulnerability may enable the reading of arbitrary files, cause a denial-of-service condition, and allow execution of a malicious binary. Multiple Electric recommends a series of steps to address the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
H2OSecCon Spring 2024 - featuring panels and briefings on cybersecurity, physical security, operational resilience, and more - is on May 23. REGISTER NOW!