Information disclosure

2022-05-0219:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

38.7%

JSON

A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an ATTACKER to reboot the device by sending a special crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.; 12.2.; 12.4.; 12.6.; 12.7.; 13.2..

CPENameOperatorVersion
rtu500_firmwarege12.2.1.0
rtu500_firmwarelt12.2.12.0
rtu500_firmwarege12.0.1.0
rtu500_firmwarelt12.0.14.0
rtu500_firmwarege12.4.1.0
rtu500_firmwarelt12.4.12.0
rtu500_firmwarege12.6.1.0
rtu500_firmwarelt12.6.8.0
rtu500_firmwarege12.7.1.0
rtu500_firmwarelt12.7.4.0

Name	Operator	Version
rtu500_firmware	ge	12.2.1.0
rtu500_firmware	lt	12.2.12.0
rtu500_firmware	ge	12.0.1.0
rtu500_firmware	lt	12.0.14.0
rtu500_firmware	ge	12.4.1.0
rtu500_firmware	lt	12.4.12.0
rtu500_firmware	ge	12.6.1.0
rtu500_firmware	lt	12.6.8.0
rtu500_firmware	ge	12.7.1.0
rtu500_firmware	lt	12.7.4.0