CVE-2020-14521
📋 TL;DR
This vulnerability in Mitsubishi Electric Factory Automation engineering software allows malicious code execution, enabling attackers to steal data, modify systems, or cause denial-of-service. It affects multiple industrial control system (ICS) engineering tools used for programming and configuring factory equipment. Organizations using these products in industrial environments are at risk.
💻 Affected Systems
- MELSOFT series engineering software products including GX Works3, GX Works2, MT Works2, MX Component
📦 What is this software?
C Controller Interface Module Utility by Mitsubishielectric
C Controller Module Setting And Monitoring Tool by Mitsubishielectric
Cc Link Ie Control Network Data Collector by Mitsubishielectric
Cc Link Ie Field Network Data Collector by Mitsubishielectric
Cc Link Ie Tsn Data Collector by Mitsubishielectric
Cpu Module Logging Configuration Tool by Mitsubishielectric
Cw Configurator by Mitsubishielectric
Data Transfer by Mitsubishielectric
Ezsocket by Mitsubishielectric
Fr Configurator Sw3 by Mitsubishielectric
Fr Configurator2 by Mitsubishielectric
Gt Designer2 Classic by Mitsubishielectric
Gt Designer3 by Mitsubishielectric
Gt Softgot1000 by Mitsubishielectric
Gt Softgot2000 by Mitsubishielectric
Gx Developer by Mitsubishielectric
Gx Logviewer by Mitsubishielectric
Gx Works2 by Mitsubishielectric
Gx Works3 by Mitsubishielectric
M Commdtm Io Link by Mitsubishielectric
Melfa Works by Mitsubishielectric
Melsec Wincpu Setting Utility by Mitsubishielectric
Melsoft Complete Clean Up Tool by Mitsubishielectric
Melsoft Em Software Development Kit by Mitsubishielectric
Melsoft Iq Appportal by Mitsubishielectric
Melsoft Navigator by Mitsubishielectric
Mi Configurator by Mitsubishielectric
Motion Control Setting by Mitsubishielectric
Motorizer by Mitsubishielectric
Mr Configurator2 by Mitsubishielectric
Mt Works2 by Mitsubishielectric
Mtconnect Data Collector by Mitsubishielectric
Mx Component by Mitsubishielectric
Mx Mesinterface by Mitsubishielectric
Mx Mesinterface R by Mitsubishielectric
Mx Sheet by Mitsubishielectric
Network Interface Board Cc Ie Control Utility Firmware by Mitsubishielectric
Network Interface Board Cc Ie Field Utility Firmware by Mitsubishielectric
Network Interface Board Cc Link Ver.2 Utility Firmware by Mitsubishielectric
Network Interface Board Mneth Utility Firmware by Mitsubishielectric
Position Board Utility 2 by Mitsubishielectric
Px Developer by Mitsubishielectric
Rt Toolbox2 by Mitsubishielectric
Rt Toolbox3 by Mitsubishielectric
Setting/monitoring Tools For The C Controller Module by Mitsubishielectric
Slmp Data Collector by Mitsubishielectric
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of industrial control systems leading to production shutdown, equipment damage, data theft, and safety incidents.
Likely Case
Unauthorized access to engineering workstations, data exfiltration, and disruption of programming/configuration capabilities.
If Mitigated
Limited impact if systems are properly segmented, monitored, and access-controlled.
🎯 Exploit Status
Exploitation requires access to the engineering workstation and knowledge of the software. No public exploit code is available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions specified in Mitsubishi Electric advisory 2020-007
Vendor Advisory: https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-007_en.pdf
Restart Required: Yes
Instructions:
1. Download updated software versions from Mitsubishi Electric support portal.
2. Install updates on all affected engineering workstations.
3. Restart systems after installation.
4. Verify installation through version checks.
🔧 Temporary Workarounds
Network Segmentation
All platforms: Isolate engineering workstations from general corporate networks and internet access
Access Control
Windows: Implement strict user access controls and principle of least privilege for engineering software
🧯 If You Can't Patch
- Implement strict network segmentation to isolate engineering workstations
- Apply host-based firewalls and disable unnecessary services on affected systems
🔍 How to Verify
Check if Vulnerable:
Check installed version of MELSOFT software against vulnerable versions listed in vendor advisory
Check Version:
Check version through software's Help > About menu or Windows Programs and Features
Verify Fix Applied:
Verify software version matches patched versions in advisory and test functionality
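The version check above can be run as a script on each engineering workstation instead of opening Programs and Features by hand. The following PowerShell is an added example, not code from this page or from the vendor advisory. The publisher filter string is an assumption, and the `$FixedVersions` entries are placeholders that must be filled in from advisory 2020-007.

```powershell
# Added example: inventory Mitsubishi Electric engineering software from the
# uninstall registry keys that back "Programs and Features".
# Placeholder table: product names are taken from the affected-systems list;
# the version values are NOT real and must be replaced from advisory 2020-007.
$FixedVersions = @{
    'GX Works3'    = '<fixed version from advisory 2020-007>'
    'GX Works2'    = '<fixed version from advisory 2020-007>'
    'MT Works2'    = '<fixed version from advisory 2020-007>'
    'MX Component' = '<fixed version from advisory 2020-007>'
}

# Both hives are read because 32-bit installers register under WOW6432Node.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-MelsoftInventory {
    param([hashtable]$Fixed)
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        ForEach-Object {
            $entry = $_
            # Map the registry display name to a product in the table, if any.
            $product = $Fixed.Keys |
                Where-Object { $entry.DisplayName -like "*$_*" } |
                Select-Object -First 1
            # Assumption: the vendor's Publisher value contains this string.
            if (-not $product -and $entry.Publisher -notmatch 'MITSUBISHI ELECTRIC') { return }

            $installed = $null; $required = $null
            $status = 'Manual check'   # default when versions cannot be compared
            if ($product -and
                [version]::TryParse([string]$entry.DisplayVersion, [ref]$installed) -and
                [version]::TryParse([string]$Fixed[$product], [ref]$required)) {
                $status = if ($installed -ge $required) { 'At or above fixed version' }
                          else { 'Below fixed version' }
            }
            $fixedText = if ($product) { $Fixed[$product] } else { 'not in table' }
            [pscustomobject]@{
                Product   = $entry.DisplayName
                Installed = $entry.DisplayVersion
                Fixed     = $fixedText
                Status    = $status
            }
        }
}

Get-MelsoftInventory -Fixed $FixedVersions | Sort-Object Product | Format-Table -AutoSize
```

Rows marked `Manual check` are those where the registry version string and the table value could not be compared numerically; confirm those through the product's Help > About menu.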
📡 Detection & Monitoring
Log Indicators:
- Unusual process execution from engineering software
- Unexpected network connections from engineering workstations
- Failed authentication attempts to engineering software
Network Indicators:
- Unexpected traffic from engineering workstations to external networks
- Anomalous protocol usage on engineering network segments
SIEM Query:
source="engineering-workstation" AND (event_type="process_creation" OR event_type="network_connection") AND severity>=medium