WNE Security News
CVE-2023-6815 Mitsubishi Electric Corporation's MELSEC iQ-R Series products Vulnerability
CVE-2023-6815 Description
CVE-2023-6815 is classified as an Incorrect Privilege Assignment vulnerability affecting Mitsubishi Electric Corporation’s MELSEC iQ-R Series products. Specifically, it impacts the Safety CPU models R08/16/32/120SFCPU and the SIL2 Process CPU models R08/16/32/120PSFCPU across all their versions. This vulnerability enables a remote authenticated attacker, who has access to the system as a non-administrator user, to disclose the credentials (user ID and password) of another user who has a lower access level than the attacker. The exploitation occurs through the transmission of a specially crafted packet to the vulnerable system. The issue was officially recorded and disclosed on December 14, 2023, with Mitsubishi Electric Corporation being the assigning authority for this CVE.
What is Affected By CVE-2023-6815
CVE-2023-6815 specifically affects the following Mitsubishi Electric Corporation products:
MELSEC iQ-R Series Safety CPU models: R08SFCPU, R16SFCPU, R32SFCPU, R120SFCPU. These models are designed for safety control applications, providing advanced safety functions to ensure the safety of machinery and personnel in industrial environments.
MELSEC iQ-R Series SIL2 Process CPU models: R08PSFCPU, R16PSFCPU, R32PSFCPU, R120PSFCPU. These models are aimed at process control applications requiring Safety Integrity Level 2 (SIL2) compliance, offering reliable and secure process control for various industrial applications.
All versions of these Safety and SIL2 Process CPUs are affected by this vulnerability. The issue allows a remote authenticated attacker, who has gained non-administrator access, to disclose the credentials of users with lower access levels by sending a specially crafted packet.
It’s critical for organizations using these specific Mitsubishi Electric products to review any advisories provided by Mitsubishi Electric and apply necessary updates or patches to mitigate the vulnerability and protect their systems against potential exploitation.
Mitigation and Remediation For CVE-2023-6815
Deactivating affected Mitsubishi Electric MELSEC iQ-R Series Safety and Process CPUs or ensuring they are not accessible from public networks can mitigate immediate risks associated with CVE-2023-6815 until a patch is available. It’s crucial to regularly check Mitsubishi Electric’s official advisories for updates and apply any released patches to fix the vulnerability. Avoid exposing these products to public-facing networks to reduce the risk of unauthorized access and exploitation.
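One way to act on this guidance is to triage an asset inventory for the CPU models named above and flag any whose address lies outside the site's control network. The script below is an added example, not code from Mitsubishi Electric or WNE Security; the CSV column names, the sample rows, and the 10.20.0.0/16 control-network range are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress
import re

# Affected models as listed on this page: R08/16/32/120SFCPU and R08/16/32/120PSFCPU.
AFFECTED = re.compile(r"^R(08|16|32|120)P?SFCPU$")

# Constructed sample inventory (hypothetical assets; column names are assumptions).
SAMPLE_INVENTORY = """\
asset,model,ip
press-line-1,R08SFCPU,10.20.1.15
reactor-a,r120psfcpu,203.0.113.40
packaging-2,OTHER-CPU,10.20.1.30
tank-farm,R32PSFCPU,not-set
"""

def triage(csv_text, internal_nets):
    """Return (asset, model, ip, status) for each affected CPU in the inventory."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        model = row["model"].strip().upper()
        if not AFFECTED.match(model):
            continue  # not one of the CPUs named in the advisory
        ip_text = row["ip"].strip()
        try:
            addr = ipaddress.ip_address(ip_text)
        except ValueError:
            # A missing or malformed address cannot be proven isolated.
            status = "review: unparseable address"
        else:
            inside = any(addr in net for net in nets)
            status = "internal" if inside else "review: outside control network"
        findings.append((row["asset"], model, ip_text, status))
    # Stable sort: assets that need review come before those marked internal.
    return sorted(findings, key=lambda f: f[3] == "internal")

if __name__ == "__main__":
    for finding in triage(SAMPLE_INVENTORY, ["10.20.0.0/16"]):
        print(*finding, sep="\t")
```

An "internal" result only means the address falls inside the declared range; whether that range is reachable from public networks still has to be confirmed against firewall and routing configuration.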
Impact of Successful Exploitation of CVE-2023-6815
The successful exploitation of CVE-2023-6815 allows a remote authenticated attacker with non-administrative privileges to disclose the credentials (user ID and password) of users with lower access levels than the attacker. This is achieved by sending a specially crafted packet, compromising the confidentiality of user credentials within the affected Mitsubishi Electric MELSEC iQ-R Series Safety and Process CPUs.