Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks

Summary: Palo Alto Networks has identified five high-severity vulnerabilities in Iconics and Mitsubishi Electric’s SCADA products, including Genesis64 and MC Works64. These vulnerabilities could allow authenticated attackers to execute arbitrary code and manipulate critical system files, posing significant risks to various sectors globally. Despite the issuance of patches, the widespread use of these systems raises concerns about their exploitation in real-world scenarios.

Affected: Iconics and Mitsubishi Electric SCADA products (Genesis64, MC Works64)

Keypoints :

• Five high-severity vulnerabilities were disclosed, including DLL hijacking and privilege escalation issues.
• Exploitation requires authentication but poses risks to system confidentiality, integrity, and availability.
• The vulnerabilities are present in widely installed versions of Iconics Suite and MC Works for Windows.