CVE-2022-3864
https://notcve.org/view.php?id=CVE-2022-3864
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service. Existe una vulnerabilidad en la validación de la firma del paquete de actualización de Relion. • https://publisher.hitachienergy.com/preview?DocumentID=8DBD000146&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2022-2081
https://notcve.org/view.php?id=CVE-2022-2081
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function. Existe una vulnerabilidad en la función HCI Modbus TCP incluida en las versiones de producto enumeradas anteriormente. Si HCI Modbus TCP está habilitado y configurado, un atacante podría aprovechar la vulnerabilidad enviando un mensaje especialmente manipulado a la RTU500 a alta velocidad, lo que provocaría que la CMU RTU500 objetivo se reiniciara. • https://publisher.hitachienergy.com/preview?DocumentID=8DBD000111&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-6711
https://notcve.org/view.php?id=CVE-2023-6711
Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU. Existe una vulnerabilidad en SCI IEC 60870-5-104 y HCI IEC 60870-5-104 que afecta a las versiones de productos de RTU500 series que se enumeran a continuación. Los mensajes especialmente manipulados enviados a los componentes mencionados no se validan correctamente y pueden provocar un desbordamiento de búfer y, como consecuencia final, un reinicio de una CMU RTU500. • https://publisher.hitachienergy.com/preview?DocumentId=8DBD000184&languageCode=en&Preview=true • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-1514
https://notcve.org/view.php?id=CVE-2023-1514
A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a Certification Authority (CA), allowing the client to validate that the remote service can be trusted and is not malicious. If the client does not validate the parameters of the certificate, then attackers could be able to spoof the identity of the service. An attacker could exploit the vulnerability by using faking the identity of a RTU500 device and intercepting the messages initiated via the RTU500 Scripting interface. • https://publisher.hitachienergy.com/preview?DocumentId=8DBD000152&languageCode=en&Preview=true • CWE-295: Improper Certificate Validation •
CVE-2023-5769
https://notcve.org/view.php?id=CVE-2023-5769
A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to user input being improperly sanitized. Existe una vulnerabilidad en el servidor web que afecta a las versiones de productos de RTU500 series que se enumeran a continuación. Un actor malintencionado podría realizar Cross-Site Scripting en el servidor web debido a que la entrada del usuario se sanitizo incorrectamente. • https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •