CVE-2022-33319: 
Mitsubishi Electric ICONICS GENESIS64 vulnerability analysis and mitigation

An out-of-bounds read vulnerability exists in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior. The vulnerability specifically affects the GenBroker64 service, which listens on TCP port 38080 by default. This vulnerability allows remote unauthenticated attackers to disclose information on memory or cause a Denial of Service (DoS) condition by sending specially crafted packets to the GENESIS64 server (CISA Advisory, JVN Report).

The vulnerability (CVE-2022-33319) stems from the lack of proper validation of user-supplied data in the GenBroker64 service, which can result in a read past the end of an allocated buffer. The CVSS v3 base score is 6.5, with the vector string AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H, indicating network accessibility, high attack complexity, no privileges required, and no user interaction needed (ZDI Advisory).

If successfully exploited, this vulnerability can lead to information disclosure of memory contents or create a denial-of-service condition on the affected system. The impact primarily affects the confidentiality and availability of the system, with no direct impact on integrity (CISA Advisory).

ICONICS and Mitsubishi Electric recommend updating to the latest security patches. Users should place control system networks and devices behind firewalls, isolate them from the business network, and restrict access to TCP ports including 38080 and 6002. If remote access is required, secure methods such as VPNs should be utilized. Additionally, users should minimize network exposure for all control system devices and avoid clicking web links or opening unsolicited attachments in emails (CISA Advisory).