Late Monday afternoon the DHS ICS-CERT published a new advisory for
the Mitsubishi MX Component that closed the book on
the alert for that equipment that was issued last month. Both documents
address an ActiveX buffer overflow vulnerability that was discovered by Derek
Betker and Dr Ide, who published exploit code for the
vulnerability on the OSVDB.org web site.
ICS-CERT reports that a moderately skilled attacker could
remotely exploit this vulnerability to execute a DOS attack or executing
arbitrary code. Mitsubishi recommends upgrading the equipment to MX Component
version 4.3 which is not affected by this vulnerability.
Posts
No comments:
Post a Comment