CWE-306: Missing Authentication for Critical Function

A remote unauthenticated attacker may be able to bypass authentication by utilizing a specific API route to execute arbitrary OS commands.

Mitsubishi Electric Europe B.V. recommends that users take note of the following mitigation measures to minimize the risk of exploiting this vulnerability:

- Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.
- Use within a LAN and block access from untrusted networks and hosts through firewalls.
- Use a web application firewall (WAF) to filter, monitor and block any malicious HTTP/HTTPS traffic.
- Allow web client access from trusted networks only.

Claroty is a New York-based cybersecurity platform that provides solutions including threat detection and network protection for sectors such as industrial and healthcare.