CVE-2020-12013 : Security Advisory and Response

Learn about CVE-2020-12013, a code injection vulnerability affecting Mitsubishi Electric MC Works64, MC Works32, and ICONICS GenBroker64, GenBroker32. Find out the impact, affected systems, and mitigation steps.

A specially crafted WCF client that interfaces with the affected products may allow the execution of certain arbitrary SQL commands remotely. This affects Mitsubishi Electric MC Works64, MC Works32, and ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server, and GenBroker32.

Understanding CVE-2020-12013

This CVE involves improper control of the generation of code ('code injection') affecting various products from Mitsubishi Electric and ICONICS.

What is CVE-2020-12013?

CVE-2020-12013 is a vulnerability that allows the execution of arbitrary SQL commands remotely through a specially crafted WCF client.

The Impact of CVE-2020-12013

This vulnerability can be exploited to execute arbitrary SQL commands remotely, potentially leading to unauthorized access, data manipulation, or other malicious activities.

Technical Details of CVE-2020-12013

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability arises from improper control of the generation of code, specifically allowing code injection.

Affected Systems and Versions

        Mitsubishi Electric MC Works64: Version 4.02C (10.95.208.31) and earlier, all versions
        Mitsubishi Electric MC Works32: Version 3.00A (9.50.255.02)
        ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server: v10.96 and prior
        ICONICS GenBroker32: v9.5 and prior

Exploitation Mechanism

The vulnerability can be exploited by a specially crafted WCF client that interfaces with the affected systems, allowing the execution of arbitrary SQL commands remotely.

Mitigation and Prevention

Protecting systems from CVE-2020-12013 requires immediate actions and long-term security practices.

Immediate Steps to Take

        Apply security patches provided by Mitsubishi Electric and ICONICS promptly.
        Implement network segmentation to limit access to vulnerable systems.
        Monitor network traffic for any suspicious activity.

Long-Term Security Practices

        Regularly update and patch software to address known vulnerabilities.
        Conduct security assessments and penetration testing to identify and remediate weaknesses.
        Educate users on safe computing practices and the importance of cybersecurity awareness.

Patching and Updates

Ensure that all affected systems are updated with the latest patches and security updates to mitigate the risk of exploitation.
