CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-12169
https://notcve.org/view.php?id=CVE-2024-12169
25 Mar 2025 — A vulnerability exists in RTU500 IEC 60870-5-104 controlled station functionality and IEC 61850 functionality, that allows an attacker performing a specific attack sequence to restart the affected CMU. This vulnerability only applies, if secure communication using IEC 62351-3 (TLS) is enabled. • https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11499
https://notcve.org/view.php?id=CVE-2024-11499
25 Mar 2025 — A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections. The affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. • https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 9EXPL: 0CVE-2024-10037
https://notcve.org/view.php?id=CVE-2024-10037
25 Mar 2025 — A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerability. The affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. A vulnerability exists in the RTU500 web server component that can cause a ... • https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true • CWE-476: NULL Pointer Dereference •