Mitsubishi Electric MELSOFT MaiLab and MELSOFT VIXIO (Update A)

Risk Summary

Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition in the target product.

CVEs (1)

Remediations

• Mitsubishi Electric recommends users install the fixed version below and update the software:
• MELSOFT MaiLab: Install Version 1.06G or later.
• MELSOFT VIXIO: Install Version 1.04E or later.
• For information about how to install the fixed version, please contact a local Mitsubishi Electric representative.
• Mitsubishi Electric recommends users take the following mitigations to minimize the risk of exploiting this vulnerability:
• When Internet access is required, use a firewall or a virtual private network (VPN) to prevent unauthorized access.
• Use the products within a control system, and protect the network and devices in the control system with a firewall to block access from untrusted networks and hosts.
• Restrict physical access to the PC on which the product is installed and the network to which the PC is connected to prevent unauthorized access.
• Do not click on web links in emails or other messages from untrusted sources. Also, do not open attachments from untrusted emails.
• For specific update instructions and additional details see the Mitsubishi Electric advisory.

Affected Vendors

Affected Products (4)

Affected Sectors

Critical Manufacturing