CVE-2023-6711

7.5HIGH

Key Information

Vendor: Hitachi
Status: Rtu500 Series Cmu Firmware
Vendor: CVE Published:; 19 December 2023

Summary

Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU.

Affected Version(s)

RTU500 series CMU Firmware <= 12.0.14

RTU500 series CMU Firmware <= 12.2.11

RTU500 series CMU Firmware <= 12.4.11

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Dec 19, 2023
Vulnerability Reserved.
Dec 12, 2023

Collectors

NVD DatabaseMitre Database