CVE-2024-1574 is a vulnerability classified under CWE-470 (Use of Externally-Controlled Input to Select Classes or Code, also known as Unsafe Reflection) affecting Mitsubishi Electric Iconics Digital Solutions products including GENESIS64 versions 10.97 to 10.97.2, GENESIS32 versions 9.7 and prior, BizViz versions 9.7 and prior, and all versions of MC Works64. The flaw exists in the licensing feature where an attacker with local access can tamper with a specific file that the system does not adequately protect. This tampering allows the attacker to influence the reflection mechanism to load and execute malicious code with administrative privileges. The vulnerability requires local access, elevated privileges (low privileges but not full admin initially), and user interaction, making remote exploitation infeasible without prior compromise. The CVSS v3.1 base score is 6.7, reflecting medium severity with high impact on confidentiality, integrity, and availability, but with higher attack complexity and required user interaction. No known exploits are currently reported in the wild, and no patches are linked yet, indicating that mitigation relies on access control and monitoring until vendor fixes are released. The vulnerability is particularly critical in industrial control systems where GENESIS64 and related products are used for automation and monitoring, as malicious code execution with admin rights could disrupt operations or cause safety issues.

For European organizations, especially those in manufacturing, energy, utilities, and critical infrastructure sectors relying on Mitsubishi Electric Iconics Digital Solutions products, this vulnerability poses a significant risk. Successful exploitation could lead to full administrative control over affected systems, enabling attackers to manipulate industrial processes, steal sensitive operational data, disrupt service availability, or cause physical damage. The confidentiality of proprietary process data and intellectual property could be compromised. Integrity of control commands and system configurations could be altered, potentially leading to unsafe operational states. Availability could be impacted by malicious code causing system crashes or denial of service. Given the local access requirement, the threat is heightened in environments where insider threats or inadequate endpoint security exist. The lack of file protection on licensing files indicates a potential systemic weakness in access controls that could be exploited by attackers who gain initial foothold through phishing or other means.

European organizations should implement strict local access controls and file system permissions to prevent unauthorized modification of licensing files related to GENESIS64 and other affected products. Employ application whitelisting and endpoint protection solutions to detect and block unauthorized code execution. Monitor file integrity of licensing and configuration files using host-based intrusion detection systems. Limit user privileges to the minimum necessary and enforce strong authentication to reduce the risk of privilege escalation. Segregate critical industrial control systems from general IT networks to reduce exposure. Until official patches are released by Mitsubishi Electric, consider deploying virtual patching or compensating controls such as enhanced logging and anomaly detection for suspicious local activities. Regularly audit and update software versions and maintain close communication with the vendor for timely patch deployment. Conduct security awareness training to reduce risks of initial compromise that could lead to local access.