There is a public report of an insecure ActiveX control vulnerability in the Mitsubishi MC-WorkX Suite (IcoLaunch.dll), a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product. The report includes proof-of-concept (PoC) exploit code.
The PoC allows crafting a Login Client button which, when clicked by the victim, can launch malicious code from a remote share, the report said. The report was released without coordination with either the vendor or ICS-CERT.
As a result, ICS-CERT notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT issued an alert to provide early notice of the report and identify baseline mitigations for reducing the risk from these and other cyber security attacks.
The report included details and PoC exploit code for a remotely exploitable vulnerability in the Mitsubishi MC-WorkX Suite (IcoLaunch.dll), where an insecure ActiveX control could lead to remote code execution.
ICS-CERT is currently coordinating with the vendor and security researcher to identify mitigations.