ICSA-21-252-03 · Published 2021-09-09 · View on CISA ICS-CERT ↗

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to gain remote code execution, obtain credentials, and use credentials found to log into other affected devices.

CVEs (7)

CVE-2019-14931 CVE-2019-14927 CVE-2019-14928 CVE-2019-14926 CVE-2019-14930 CVE-2019-14929 CVE-2019-14925

Remediations

Mitsubishi Electric Europe B.V. recommends users update to firmware Version 3.3 or later.

Affected Vendors

Mitsubishi Electric

Affected Products (1)

Mitsubishi Electric · smartRTU and INEA ME-RTU < 3.3

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more