{"id":492515,"date":"2022-12-02T20:09:28","date_gmt":"2022-12-02T22:09:28","guid":{"rendered":"https:\/\/teknomers.com\/fr\/la-cisa-met-en-garde-contre-plusieurs-vulnerabilites-critiques-affectant-les-automates-mitsubishi-electric\/"},"modified":"2022-12-02T20:09:30","modified_gmt":"2022-12-02T22:09:30","slug":"la-cisa-met-en-garde-contre-plusieurs-vulnerabilites-critiques-affectant-les-automates-mitsubishi-electric","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/la-cisa-met-en-garde-contre-plusieurs-vulnerabilites-critiques-affectant-les-automates-mitsubishi-electric\/","title":{"rendered":"La CISA met en garde contre plusieurs vuln\u00e9rabilit\u00e9s critiques affectant les automates Mitsubishi Electric"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>L&#8217;Agence am\u00e9ricaine pour la cybers\u00e9curit\u00e9 et la s\u00e9curit\u00e9 des infrastructures (CISA) a publi\u00e9 cette semaine un avertissement sur les syst\u00e8mes de contr\u00f4le industriel (ICS) concernant de multiples vuln\u00e9rabilit\u00e9s dans le logiciel d&#8217;ing\u00e9nierie Mitsubishi Electric GX Works3.<\/p>\n<p>&#8220;L&#8217;exploitation r\u00e9ussie de ces vuln\u00e9rabilit\u00e9s pourrait permettre \u00e0 des utilisateurs non autoris\u00e9s d&#8217;acc\u00e9der aux modules CPU de la s\u00e9rie MELSEC iQ-R\/F\/L et au module de serveur OPC UA de la s\u00e9rie MELSEC iQ-R ou de visualiser et d&#8217;ex\u00e9cuter des programmes&#8221;, a d\u00e9clar\u00e9 l&#8217;agence. <a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-22-333-05\" target=\"_blank\">a dit<\/a>.<\/p>\n<p><a rel=\"nofollow noopener\" href=\"https:\/\/www.mitsubishielectric.com\/fa\/products\/cnt\/plceng\/smerit\/gx_works3\/index.html\" target=\"_blank\">GX Works3<\/a> est un <a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/uscert\/ics\/Control_System_Engineering_Workstation-Definition.html\" target=\"_blank\">poste de travail d&#8217;ing\u00e9nierie<\/a> logiciel utilis\u00e9 dans les environnements ICS, servant de m\u00e9canisme pour charger et t\u00e9l\u00e9charger des programmes depuis\/vers le contr\u00f4leur, r\u00e9soudre les probl\u00e8mes logiciels et mat\u00e9riels et effectuer des op\u00e9rations de maintenance.<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/uptycs-inside\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEjRFZ8qsBvgTY-k97x35shkWsLwy9nml2qvGAhoSUrgnOv4cjMNq_Fxt3PX1-fGsYvukFgecZk_tEq7yo25JhDC5-Vs1Y7zQbdJRNWI2oxxbGupTJLIJ0PYz_4_8B6uWYsPON_7MgJlvofZuiWyadFpo71DOfXvGZzq6ie6zFQwJuzi2macqFLGR30PbA\/s1600\/Uptycs-728.jpg\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Le large \u00e9ventail de fonctions en fait \u00e9galement une cible attrayante pour les acteurs de la menace qui cherchent \u00e0 compromettre ces syst\u00e8mes pour r\u00e9quisitionner les automates g\u00e9r\u00e9s.<\/p>\n<p>Trois des 10 lacunes concernent le stockage en clair de donn\u00e9es sensibles, quatre concernent l&#8217;utilisation d&#8217;une cl\u00e9 cryptographique cod\u00e9e en dur, deux concernent l&#8217;utilisation d&#8217;un mot de passe cod\u00e9 en dur et une concerne un cas d&#8217;identifiants insuffisamment prot\u00e9g\u00e9s.<\/p>\n<p>Le plus critique des bogues, <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-25164\" target=\"_blank\">CVE-2022-25164<\/a>et <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29830\" target=\"_blank\">CVE-2022-29830<\/a>portent un score CVSS de 9,1 et peuvent \u00eatre utilis\u00e9s de mani\u00e8re abusive pour acc\u00e9der au module CPU et obtenir des informations sur les fichiers de projet sans n\u00e9cessiter aucune autorisation.<\/p>\n<p>Nozomi Networks, qui a d\u00e9couvert <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-29831\" target=\"_blank\">CVE-2022-29831<\/a> (score CVSS\u00a0: 7,5), a d\u00e9clar\u00e9 qu&#8217;un attaquant ayant acc\u00e8s \u00e0 un fichier de projet d&#8217;automate de s\u00e9curit\u00e9 pourrait exploiter le mot de passe cod\u00e9 en dur pour acc\u00e9der directement au module CPU de s\u00e9curit\u00e9 et potentiellement perturber les processus industriels.<\/p>\n<p>&#8220;Les logiciels d&#8217;ing\u00e9nierie repr\u00e9sentent un \u00e9l\u00e9ment essentiel de la cha\u00eene de s\u00e9curit\u00e9 des contr\u00f4leurs industriels&#8221;, a d\u00e9clar\u00e9 la soci\u00e9t\u00e9. <a rel=\"nofollow noopener\" href=\"https:\/\/www.nozominetworks.com\/blog\/flaws-in-gx-works3-threaten-mitsubishi-electric-safety-plc-security\/\" target=\"_blank\">a dit<\/a>.  &#8220;Si des vuln\u00e9rabilit\u00e9s devaient survenir, les adversaires pourraient en abuser pour finalement compromettre les appareils g\u00e9r\u00e9s et, par cons\u00e9quent, le processus industriel supervis\u00e9.&#8221;<\/p>\n<p>La divulgation intervient alors que CISA <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40265\" target=\"_blank\">r\u00e9v\u00e9l\u00e9<\/a> d\u00e9tails d&#8217;une vuln\u00e9rabilit\u00e9 de d\u00e9ni de service (DoS) dans Mitsubishi Electric MELSEC iQ-R Series qui d\u00e9coule d&#8217;un manque de validation d&#8217;entr\u00e9e appropri\u00e9e (<a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40265\" target=\"_blank\">CVE-2022-40265<\/a>score CVSS : 8,6).<\/p>\n<p>&#8220;L&#8217;exploitation r\u00e9ussie de cette vuln\u00e9rabilit\u00e9 pourrait permettre \u00e0 un attaquant distant non authentifi\u00e9 de provoquer une condition de d\u00e9ni de service sur un produit cible en envoyant des paquets sp\u00e9cialement con\u00e7us&#8221;, a not\u00e9 CISA.<\/p>\n<p>Dans un d\u00e9veloppement connexe, l&#8217;agence de cybers\u00e9curit\u00e9 a en outre d\u00e9crit trois probl\u00e8mes affectant le Remote Compact Controller (RCC) 972 de Horner Automation, dont le plus critique (<a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-2641\" target=\"_blank\">CVE-2022-2641<\/a>score CVSS\u00a0: 9,8) pourrait entra\u00eener l&#8217;ex\u00e9cution de code \u00e0 distance ou provoquer une condition DoS.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/12\/cisa-warns-of-multiple-critical.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>L&#8217;Agence am\u00e9ricaine pour la cybers\u00e9curit\u00e9 et la s\u00e9curit\u00e9 des infrastructures (CISA) a publi\u00e9 cette semaine un avertissement sur les syst\u00e8mes de contr\u00f4le industriel (ICS) concernant de multiples vuln\u00e9rabilit\u00e9s dans le logiciel d&#8217;ing\u00e9nierie Mitsubishi Electric GX Works3. &#8220;L&#8217;exploitation r\u00e9ussie de ces vuln\u00e9rabilit\u00e9s pourrait permettre \u00e0 des utilisateurs non autoris\u00e9s d&#8217;acc\u00e9der aux modules CPU de la s\u00e9rie [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":492516,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[34911,90843,4805,4168,841,5729,4158,4165,4161,42062,525,4157,4159,4171,4170,65,4167,4955,4160,95344,4163,4162,701,4172,4169,4166,4164,12365],"class_list":["post-492515","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-affectant","tag-automates","tag-cisa","tag-comment-pirater","tag-contre","tag-critiques","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-electric","tag-garde","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-logiciel-malveillant-de-ransomware","tag-met","tag-mises-a-jour-de-la-cybersecurite","tag-mitsubishi","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-plusieurs","tag-securite-informatique","tag-securite-internet","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-vulnerabilites"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/492515","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=492515"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/492515\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/492516"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=492515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=492515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=492515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}