HCI Modbus TCP Vulnerability in Hitachi Energy Products
CVE-2022-2081

7.5HIGH

Key Information:

Vendor: Hitachi
Status: Rtu500 Series Cmu Firmware
Vendor: CVE Published:; 4 January 2024

Summary

The vulnerability in the HCI Modbus TCP function of Hitachi Energy's RTU500 arises due to inadequate flood control. When this function is enabled, an attacker can exploit the vulnerability by sending a series of specially crafted messages at a rapid rate, leading to the reboot of the targeted RTU500 CMU. This exploit stems from an internal stack overflow condition triggered by the overwhelming input, potentially disrupting operations relying on the affected systems. Organizations utilizing RTU500 devices should assess their configurations to mitigate this risk effectively.

Affected Version(s)

RTU500 series CMU firmware 12.0.1.0 <= 12.0.13.0

RTU500 series CMU firmware 12.2.1.0 <= 12.2.11.0

RTU500 series CMU firmware 12.4.1.0 <= 12.4.11.0

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 4, 2024
Vulnerability Reserved
Jun 14, 2022