Select Page

The firmware on the following Mitsubishi Electric products suffer from the issues:

In one vulnerability, use of a broken or risky cryptographic algorithm allows a remote unauthenticated attacker to cause a disclosure of an encrypted message from the air conditioning systems by sniffing encrypted communications.

CVE-2022-24296 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 3.1.

In addition, the DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately 4 billion blocks. This makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode (a.k.a. a “Sweet32” attack).

CVE-2016-2183 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

Also, the RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases that make it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions using the same plaintext.
CVE-2013-2566 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.

In another issue, the vulnerability makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that relies on keys affected by the Invariance Weakness. An attacker can then use a brute-force approach involving LSB values (a.k.a. the “Bar Mitzvah” issue).

CVE-2015-2808 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.

In addition, the TLS protocol and the SSL Protocol 3.0 and earlier do not properly associate renegotiation handshakes with an existing connection in some third-party products. This allows machine-in-the-middle attackers to insert data into sessions protected by TLS or SSL by sending an unauthenticated request processed retroactively by a server in a post-renegotiation context.

CVE-2009-3555 is the case number assigned to this vulnerability, which has as CVSS v3 base score of 7.4.

The product sees use mainly in the commercial facilities sector, and on a global basis.

No known public exploits specifically target these vulnerabilities. These vulnerabilities have a high attack complexity.

Mitsubishi recommends updating the following air conditioning system’s firmware to the latest versions:

Contact Mitsubishi Electric for instructions on updating air conditioning systems.

To minimize the risk of these vulnerabilities being exploited, please make sure air conditioning systems are properly configured as recommended by Mitsubishi Electric. Mitsubishi Electric recommends taking the following mitigation measures:

See Mitsubishi Electric’s security bulletin for more information.

This content was originally published here.

error: Content is protected !!