CVE-2021-35532 – Firmware upload verification bypass in TXpert Hub CoreTec 4
https://notcve.org/view.php?id=CVE-2021-35532
A vulnerability exists in the file upload validation of the Hitachi Energy TXpert Hub CoreTec 4 product. It allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload malicious firmware to the product. This issue affects Hitachi Energy TXpert Hub CoreTec 4 versions 2.0.0; 2.0.1; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1.
• https://search.abb.com/library/Download.aspx?DocumentID=8DBD000080&LanguageCode=en&DocumentPartId=&Action=Launch&utm_campaign=&utm_content=2022.04_5763_Cybersecurity%20Advisory%20Update_May_03&utm_medium=email&utm_source=Eloqua
• CWE-434: Unrestricted Upload of File with Dangerous Type
• CWE-494: Download of Code Without Integrity Check
CVE-2022-28613 – Specially Crafted Modbus TCP Packet Vulnerability in RTU500 series
https://notcve.org/view.php?id=CVE-2022-28613
A vulnerability in the HCI Modbus TCP component of Hitachi Energy RTU500 series CMU Firmware, caused by a validation error in the length information carried in the MBAP header, allows an attacker to reboot the device by sending a specially crafted message. This issue affects Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*.
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot.
• https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch
• https://publisher.hitachienergy.com/preview?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch
• CWE-20: Improper Input Validation
• CWE-1284: Improper Validation of Specified Quantity in Input
CVE-2021-27414 – User interface misrepresentation of critical information in Hitachi ABB Power Grids Ellipse EAM
https://notcve.org/view.php?id=CVE-2021-27414
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials.
• https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A7777&LanguageCode=en&DocumentPartId=&Action=Launch
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-061-01
• CWE-451: User Interface (UI) Misrepresentation of Critical Information
• CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CVE-2021-27416 – Cross-site scripting in Hitachi ABB Power Grids Ellipse EAM
https://notcve.org/view.php?id=CVE-2021-27416
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user into clicking a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the user's session.
• https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A7777&LanguageCode=en&DocumentPartId=&Action=Launch
• https://www.cisa.gov/uscert/ics/advisories/icsa-21-061-01
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-40333 – Weak default credential associated with TCP port 26
https://notcve.org/view.php?id=CVE-2021-40333
A Weak Password Requirements vulnerability in Hitachi Energy FOX61x and XCM20 allows an attacker to gain unauthorized access to the Data Communication Network (DCN) routing configuration. This issue affects Hitachi Energy FOX61x versions prior to R15A and Hitachi Energy XCM20 versions prior to R15A.
• https://search.abb.com/library/Download.aspx?DocumentID=8DBD000062&LanguageCode=en&DocumentPartId=&Action=Launch
• https://search.abb.com/library/Download.aspx?DocumentID=8DBD000069&LanguageCode=en&DocumentPartId=&Action=Launch
• CWE-521: Weak Password Requirements