To that end, an industrial software vulnerability report was published on October 21st, 2021, revealing vulnerabilities within an important industrial oversight and supervision component known as SCADA, or Supervisory Control And Data Acquisition. The product in question belongs to Mitsubishi Electric, specifically their MC Works64 software component. Information about the vulnerability has also been mirrored on CISA’s portal (Cybersecurity & Infrastructure Agency).

About MC Works64

MC Works64 is an industrial monitoring and control (SCADA) system for production processes, operations, and manufacturing. It provides real-time visualization, analytics, connectivity, and more for “manufacturing, industrial automation, and smart buildings customers”. SCADA systems exist to solve manufacturing issues and boost the efficiency of industrial plant machines and robotics. According to Allied Market Research, the global SCADA market is led by companies such as IBM Corp, Rockwell Automation, Hitachi LTD, Mitsubishi Electric and a few more key players.

The MC Works64 Vulnerability

Details from the reports reveal that the software vulnerability affecting the Mitsubishi Electric MC Works64 component is classified as high risk and can lead to complete compromise of a system that has not been patched to the latest secure version.

In-Depth Details

The vulnerability report details two types of security flaws in the software code: a buffer overflow vulnerability (CVE-2021-27041) and an out-of-bounds read vulnerability. Both affect unpatched versions of MC Works64 and allow a remote attacker to execute arbitrary code on the target system. The flaws exist due to a boundary error when processing DWG files: a remote attacker can create a specially crafted DWG file and trick the victim into opening it, which triggers memory corruption and an out-of-bounds read and, in turn, allows the attacker to execute malicious arbitrary code on the target system.

Vulnerable Software Versions

The following versions of MC Works64 are vulnerable: MC Works64 4.04E and earlier.

Important User Information

A patch has been released that fixes the high-risk software vulnerability affecting MC Works64. To apply the patch, Mitsubishi Electric gives the following steps (note: for more information about steps and mitigations please refer to this page): Download the security patch from “MC Works64 AND MC Works 32 SECURITY UPDATES” (https://iconics.com/Support/CERT-MC-Works) on the ICONICS web site. *This applies if the version number of “MELSOFT MC Works64” is “10.87.148.42” or earlier, which you can confirm under “How to check the version” in “Affected products”.
