CVE-2022-4608

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session resumption interval is expired an RTU500 initiated update of session parameters causes an unexpected restart due to a stack overflow.

*Credits: N/A

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-12-19 CVE Reserved
2023-07-26 CVE Published
2024-08-01 EPSS Updated
2024-09-24 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-787: Out-of-bounds Write

CAPEC

CAPEC-100: Overflow Buffers

References (2)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch	2023-08-03
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch	2024-09-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hitachienergy Search vendor "Hitachienergy"	Rtu500 Firmware Search vendor "Hitachienergy" for product "Rtu500 Firmware"	13.3.1 Search vendor "Hitachienergy" for product "Rtu500 Firmware" and version "13.3.1"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Rtu500 Search vendor "Hitachienergy" for product "Rtu500"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Rtu500 Firmware Search vendor "Hitachienergy" for product "Rtu500 Firmware"	13.3.2 Search vendor "Hitachienergy" for product "Rtu500 Firmware" and version "13.3.2"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Rtu500 Search vendor "Hitachienergy" for product "Rtu500"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Rtu500 Firmware Search vendor "Hitachienergy" for product "Rtu500 Firmware"	13.3.3 Search vendor "Hitachienergy" for product "Rtu500 Firmware" and version "13.3.3"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Rtu500 Search vendor "Hitachienergy" for product "Rtu500"	-	-	Safe
Hitachienergy Search vendor "Hitachienergy"	Rtu500 Firmware Search vendor "Hitachienergy" for product "Rtu500 Firmware"	13.4.1 Search vendor "Hitachienergy" for product "Rtu500 Firmware" and version "13.4.1"	-	Affected	in	Hitachienergy Search vendor "Hitachienergy"	Rtu500 Search vendor "Hitachienergy" for product "Rtu500"	-	-	Safe