CVE-2022-29832 is a vulnerability identified in Mitsubishi Electric Corporation's GX Works3 software (version 1.015R and later), GX Works2 (all versions), and GX Developer (versions 8.40S and later). The vulnerability is classified under CWE-316, which pertains to the cleartext storage of sensitive information in memory. Specifically, this flaw allows a remote, unauthenticated attacker to access sensitive information related to project files for MELSEC safety CPU modules or MELSEC Q/FX/L series with security settings. The vulnerability arises because sensitive data is stored in memory without encryption or adequate protection, making it accessible to attackers who can remotely interact with the affected software. Since the attacker does not require authentication, the attack surface is significantly increased, allowing potential disclosure of critical project configuration files that could reveal operational details or security settings of industrial control systems (ICS). The vulnerability does not currently have known exploits in the wild, but the risk remains due to the nature of the exposed information and the lack of authentication barriers. The affected software is widely used in industrial automation environments, particularly in manufacturing and critical infrastructure sectors, where Mitsubishi Electric's MELSEC series PLCs are deployed. The exposure of project files could facilitate further targeted attacks, including manipulation of control logic or disruption of industrial processes.

For European organizations, especially those operating in manufacturing, energy, transportation, and critical infrastructure sectors, this vulnerability poses a significant risk. Disclosure of sensitive project files could lead to unauthorized insight into control logic and safety configurations, potentially enabling attackers to craft sophisticated attacks that disrupt operations or cause physical damage. The lack of authentication requirement means that attackers could exploit this vulnerability remotely, increasing the risk of widespread impact. Organizations relying on Mitsubishi Electric's GX Works3, GX Works2, or GX Developer software for programming and maintaining MELSEC PLCs could face operational downtime, safety incidents, or intellectual property theft. Given the strategic importance of industrial automation in Europe's economy and critical infrastructure, exploitation could have cascading effects on supply chains and public safety. Although no exploits are currently known in the wild, the vulnerability's medium severity rating and the critical nature of the affected systems warrant proactive mitigation to prevent potential exploitation.

1. Immediate application of any available patches or updates from Mitsubishi Electric should be prioritized once released, as the current information indicates no patch links are available yet. 2. Implement network segmentation to isolate engineering workstations running GX Works3, GX Works2, or GX Developer from untrusted networks, limiting remote access possibilities. 3. Enforce strict access controls and monitoring on systems used for programming MELSEC PLCs, including multi-factor authentication and least privilege principles, even though the vulnerability itself does not require authentication; this reduces overall attack surface. 4. Employ intrusion detection and prevention systems (IDPS) with signatures or heuristics tailored to detect anomalous access patterns or attempts to read memory regions associated with the affected software. 5. Conduct regular security audits and memory analysis on engineering systems to detect unauthorized access or memory dumps that could indicate exploitation attempts. 6. Educate operational technology (OT) and IT staff about this vulnerability and the importance of securing engineering environments. 7. Where feasible, restrict remote access to engineering workstations via VPNs with strong encryption and endpoint security controls. 8. Maintain comprehensive backups of project files and configurations to enable rapid recovery in case of compromise.