Details of VAR-202007-0208

ID

VAR-202007-0208

CVE

CVE-2020-12015

TITLE

Unreliable data deserialization vulnerabilities in multiple MC products

Trust: 0.8

sources: JVNDB: JVNDB-2020-008308

DESCRIPTION

A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper deserialization. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and earlier, all versions; Mitsubishi Electric MC Works32 version 3.00A (9.50.255.02); ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server version 10.96 and prior; ICONICS GenBroker32 version 9.5 and prior. Several Mitsubishi Electric products contain vulnerabilities related to unreliable data deserialization.Service operation interruption (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS Genesis64. Authentication is not required to exploit this vulnerability.The specific flaw exists with the handling of serialized objects. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Mitsubishi Electric MC Works64 and MC Works32 are a set of data acquisition and monitoring system (SCADA) of Japan Mitsubishi Electric (Mitsubishi Electric) company. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided

Trust: 3.15

sources: NVD: CVE-2020-12015 // JVNDB: JVNDB-2020-008308 // ZDI: ZDI-20-780 // CNVD: CNVD-2020-34372 // IVD: 4bda61ca-bd50-4b09-a018-05ea35ff2332 // IVD: 31ad87c7-757e-410a-89c6-906cc763b446

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: 4bda61ca-bd50-4b09-a018-05ea35ff2332 // IVD: 31ad87c7-757e-410a-89c6-906cc763b446 // CNVD: CNVD-2020-34372

AFFECTED PRODUCTS

vendor:	mitsubishi	model:	electric mc works64 <=4.02c	scope:	eq	version:	(10.95.208.31)	Trust: 1.0
vendor:	iconics	model:	energy analytix	scope:	eq	version:	-	Trust: 1.0
vendor:	mitsubishielectric	model:	mc works	scope:	lte	version:	10.95.208.31	Trust: 1.0
vendor:	iconics	model:	mobilehmi	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	bizviz	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	facility analytix	scope:	eq	version:	-	Trust: 1.0
vendor:	mitsubishielectric	model:	mc works32	scope:	eq	version:	9.50.255.02	Trust: 1.0
vendor:	iconics	model:	genesis64	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	genesis32	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	quality analytix	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	hyper historian	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	smart energy analytix	scope:	eq	version:	-	Trust: 1.0
vendor:	iconics	model:	bizviz	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	energy analytix	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	facility analytix	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	genesis 64	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	genesis32	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	hyper historian	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	mobilehmi	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	quality analytix	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	smart energy analytix	scope:	-	version:	-	Trust: 0.8
vendor:	mitsubishi electric	model:	mc works	scope:	eq	version:	64	Trust: 0.8
vendor:	mitsubishi electric	model:	mc works 32	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	genesis64	scope:	-	version:	-	Trust: 0.7
vendor:	mitsubishi	model:	electric mc works32 3.00a	scope:	eq	version:	(9.50.255.02)	Trust: 0.6
vendor:	mitsubishi	model:	electric mc works32 3.00a	scope:	eq	version:	(9.50.255.02)*	Trust: 0.4

sources: IVD: 4bda61ca-bd50-4b09-a018-05ea35ff2332 // IVD: 31ad87c7-757e-410a-89c6-906cc763b446 // ZDI: ZDI-20-780 // CNVD: CNVD-2020-34372 // JVNDB: JVNDB-2020-008308 // NVD: CVE-2020-12015

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12015
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-008308
value:	HIGH
Trust: 0.8
ZDI:	CVE-2020-12015
value:	CRITICAL
Trust: 0.7
CNVD:	CNVD-2020-34372
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202006-1209
value:	HIGH
Trust: 0.6
IVD:	4bda61ca-bd50-4b09-a018-05ea35ff2332
value:	HIGH
Trust: 0.2
IVD:	31ad87c7-757e-410a-89c6-906cc763b446
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2020-12015
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-008308
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-34372
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	4bda61ca-bd50-4b09-a018-05ea35ff2332
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	31ad87c7-757e-410a-89c6-906cc763b446
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2020-12015
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-008308
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2020-12015
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 0.7

PROBLEMTYPE DATA

problemtype:

CWE-502

Trust: 1.8

sources: JVNDB: JVNDB-2020-008308 // NVD: CVE-2020-12015

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202006-1209

TYPE

Code problem

Trust: 1.0

sources: IVD: 4bda61ca-bd50-4b09-a018-05ea35ff2332 // IVD: 31ad87c7-757e-410a-89c6-906cc763b446 // CNNVD: CNNVD-202006-1209

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-008308

PATCH

title:	Top Page	url:	https://iconics.com/	Trust: 0.8
title:	Top Page	url:	https://www.mitsubishielectric.co.jp/	Trust: 0.8
title:	ICONICS has issued an update to correct this vulnerability.	url:	https://www.us-cert.gov/ics/advisories/icsa-20-170-03	Trust: 0.7
title:	Patch for Mitsubishi Electric MC Works64 and MC Works32 code issue vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/222933	Trust: 0.6

sources: ZDI: ZDI-20-780 // CNVD: CNVD-2020-34372 // JVNDB: JVNDB-2020-008308

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12015	Trust: 4.1
db:	ICS CERT	id:	ICSA-20-170-02	Trust: 3.0
db:	ICS CERT	id:	ICSA-20-170-03	Trust: 2.4
db:	ZDI	id:	ZDI-20-780	Trust: 1.3
db:	CNVD	id:	CNVD-2020-34372	Trust: 1.0
db:	CNNVD	id:	CNNVD-202006-1209	Trust: 1.0
db:	JVN	id:	JVNVU95379131	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-008308	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-10297	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2147	Trust: 0.6
db:	IVD	id:	4BDA61CA-BD50-4B09-A018-05EA35FF2332	Trust: 0.2
db:	IVD	id:	31AD87C7-757E-410A-89C6-906CC763B446	Trust: 0.2

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-20-170-02	Trust: 2.8
url:	https://www.us-cert.gov/ics/advisories/icsa-20-170-03	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12015	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12015	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-170-02	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-170-03	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu95379131/	Trust: 0.8
url:	https://vigilance.fr/vulnerability/iconics-genesis32-genesis64-multiple-vulnerabilities-32668	Trust: 0.6
url:	https://www.zerodayinitiative.com/advisories/zdi-20-780/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2147/	Trust: 0.6

sources: ZDI: ZDI-20-780 // CNVD: CNVD-2020-34372 // JVNDB: JVNDB-2020-008308 // CNNVD: CNNVD-202006-1209 // NVD: CVE-2020-12015

CREDITS

Chris Anastasio (muffin) and Steven Seeley (mr_me) of Incite Team

Trust: 0.7

sources: ZDI: ZDI-20-780

SOURCES

db:	IVD	id:	4bda61ca-bd50-4b09-a018-05ea35ff2332
db:	IVD	id:	31ad87c7-757e-410a-89c6-906cc763b446
db:	ZDI	id:	ZDI-20-780
db:	CNVD	id:	CNVD-2020-34372
db:	JVNDB	id:	JVNDB-2020-008308
db:	CNNVD	id:	CNNVD-202006-1209
db:	NVD	id:	CVE-2020-12015

LAST UPDATE DATE

2024-11-23T22:11:26.711000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-780	date:	2020-06-30T00:00:00
db:	CNVD	id:	CNVD-2020-34372	date:	2020-06-23T00:00:00
db:	JVNDB	id:	JVNDB-2020-008308	date:	2020-09-08T00:00:00
db:	CNNVD	id:	CNNVD-202006-1209	date:	2020-07-23T00:00:00
db:	NVD	id:	CVE-2020-12015	date:	2024-11-21T04:59:07.153

SOURCES RELEASE DATE

db:	IVD	id:	4bda61ca-bd50-4b09-a018-05ea35ff2332	date:	2020-06-18T00:00:00
db:	IVD	id:	31ad87c7-757e-410a-89c6-906cc763b446	date:	2020-06-18T00:00:00
db:	ZDI	id:	ZDI-20-780	date:	2020-06-30T00:00:00
db:	CNVD	id:	CNVD-2020-34372	date:	2020-06-23T00:00:00
db:	JVNDB	id:	JVNDB-2020-008308	date:	2020-09-08T00:00:00
db:	CNNVD	id:	CNNVD-202006-1209	date:	2020-06-18T00:00:00
db:	NVD	id:	CVE-2020-12015	date:	2020-07-16T22:15:11.493