ICSA-21-061-03 · Published 2021-03-02
MB connect line mbCONNECT24, mymbCONNECT24
CVSS 7.8 (HIGH)
Risk Summary
Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to arbitrary information or allow remote code execution.
CVEs (18)
Remediations
- Additional details can be found on MB connect line's website.
- MB connect line recommends users update mymbCONNECT24 and mbCONNECT24 to Version 2.71 or higher to mitigate many of these vulnerabilities. A future release will include mitigations for the remaining vulnerabilities found in CVE-2020-35567, CVE-2020-35565, and CVE-2020-35561.
- CVE-2020-35561: Avoid vulnerable open ports on the LAN side of the server by using a firewall solution.
- CVE-2020-35565: Activate brute-force detection via Security → Fail2Ban → WebLogin.
Affected Vendors
MB connect line
Affected Products (1)
MB connect line · mymbCONNECT24 <= 2.6.1
Affected Sectors
Critical Manufacturing