Security company warns of Mitsubishi industrial control vulnerabilities


Cybersecurity company Nozomi Networks Labs has warned the industrial control system (ICS) security community about 5 vulnerabilities affecting Mitsubishi safety PLCs.

In a new report, the company said Mitsubishi acknowledged the issues — which are focused on the authentication implementation of the MELSOFT communication protocol — after they were discovered at the end of 2020.

The Japanese manufacturing giant has devised a strategy to patch the issues. Still, Nozomi Networks Labs said software updates for safety PLCs or medical devices often take longer to deploy than other software products. Vendors must go through specific certification processes before patches can be released, the report explained.

Read more…
Source: ZDNet