Multiple unpatched security vulnerabilities have been disclosed in Mitsubishi safety programmable logic controllers (PLCs) that could be exploited by an adversary to acquire legitimate user names registered in the module via a brute-force attack, unauthorized login to the CPU module, and even cause a denial-of-service (DoS) condition.
The security weaknesses, disclosed by Nozomi Networks,
lecrab