Advertisement
Top
image credit: Raysonho / Wikimedia

Mitsubishi Electric Patches Vulnerabilities in Air Conditioning Systems

July 12, 2021

Via: Security Week
Category:

Advisories describing the vulnerabilities were published this month by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitsubishi Electric. SecurityWeek has also obtained additional information from people involved in the discovery and disclosure of these flaws.

One advisory describes a critical vulnerability that exposes the affected control systems to unauthenticated XML external entity injection (XXE) attacks. The issue is tracked as CVE-2021-20595 and has a CVSS score of 9.3.

Read More on Security Week

RELATED PUBLICATIONS

CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
Rust can help make software secure – but it’s no cure-all
Biden will veto attempts to kill off SEC’s security breach reporting rules

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!