Tech »  Topic »  Fuji Electric HMI Configurator Flaws Expose Industrial Organizations to Hacking

Fuji Electric HMI Configurator Flaws Expose Industrial Organizations to Hacking

1 day, 21 hours ago   securityweek

Several vulnerabilities patched recently by Fuji Electric in its V-SFT product could be exploited by threat actors to gain access to the systems of industrial organizations.

Fuji Electric (Hakko Electronic) V-SFT is a configuration and development software for human-machine interfaces (HMIs). Organizations in the manufacturing and other industrial sectors use it to create and manage user interfaces for Fuji Electric’s Monitouch series HMIs, which are widely used around the world.

Cybersecurity researcher Michael Heinzl discovered that V-SFT is affected by several vulnerabilities, including ones that can lead to information disclosure or arbitrary code execution on the system running the software.

An attacker would need to use social engineering to trick a V-SFT user at the targeted organization into opening a malicious project file, which results in arbitrary code execution with the victim’s privileges. This can allow the hacker to take control of the system, Heinzl told SecurityWeek.

Heinzl ...


Copyright of this story solely belongs to securityweek . To see the full text click HERE