Stb-Language File Handling Vulnerability Affects RTU500 Series Products
CVE-2024-1532

6.8MEDIUM

Key Information:

Vendor: Hitachi
Status: Rtu500 Series Cmu Firmware
Vendor: CVE Published:; 27 March 2024

Summary

A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file.

Affected Version(s)

RTU500 series CMU firmware 12.0.1 <= 12.0.14

RTU500 series CMU firmware 12.2.1 <= 12.2.11

RTU500 series CMU firmware 12.4.1 <= 12.4.11

References

https://publisher.hitachienergy.com/preview?DocumentId=8D...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 27, 2024
Vulnerability Reserved
Feb 15, 2024