74 matches found
EUVD-2021-22169
Malware in sbrugna...
EUVD-2023-58052
Malicious code in bioql PyPI...
EUVD-2022-51940
Malicious code in bioql PyPI...
EUVD-2024-17280
Malicious code in bioql PyPI...
EUVD-2023-58931
Malicious code in bioql PyPI...
EUVD-2022-34760
Malicious code in bioql PyPI...
EUVD-2023-58051
Malicious code in bioql PyPI...
CVE-2024-1532
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file...
CVE-2023-6711
Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an...
CVE-2023-5768
A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Incomplete or wrong received APDU frame layout may cause blocking on link layer. Error reason was an endless blocking when reading incoming frames on link layer with wrong length...
Hitachi Energy's RTU500 series NULL Pointer Deference (CVE-2024-11499)
A vulnerability exists in RTU500 IEC 60870-4-104 con- trolled station functionality, that allows an authenti- cated and authorized attacker to perform a CMU re- start. The vulnerability can be triggered if certificates are updated while in use on active connections. The affected CMU will...
Hitachi Energy's RTU500 series Insufficient Resource Pool (CVE-2024-12169)
A vulnerability exists in RTU500 IEC 60870-5-104 con- trolled station functionality and IEC 61850 functional- ity, that allows an attacker performing a specific attack sequence to restart the affected CMU. This vulnerabil- ity only applies, if secure communication using IEC 62351-3 TLS is enabled...
Hitachi Energy's RTU500 series NULL Pointer Deference (CVE-2024-10037)
A vulnerability exists in the RTU500 web server com- ponent that can cause a denial of service to the RTU500 CMU application if a specially crafted mes- sage sequence is executed on a WebSocket connec- tion. An attacker must be properly authenticated and the test mode function of RTU500 must be...
Hitachi Energy's RTU500 series Missing synchronization (CVE-2025-1445)
A vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61850 TLS connection takes place in specific timing situations, when IEC61850 communication is active. Precondition is that IEC61850 as client or server are...
CVE-2022-2502
A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’ which must ...
CVE-2022-4608
A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session resumption interval is expired an RTU500 initiated update of...
CVE-2024-1531
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could print random memory content in the RTU500 system log, if an authorized user uploads a specially crafted stb-language file...
Hitachi Energy RTU500 series CMU
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform...
Unspecified Vulnerability in Hitachi Energy RTU500 series CMU Firmware (CNVD-2025-02734)
RTU500 is a series of industrial control components from Hitachi, Japan, mainly used in industrial control systems. A security vulnerability exists in Hitachi Energy RTU500 series CMU Firmware, which can be exploited by attackers to bypass security updates...
Hitachi Energy's RTU500 series Unrestricted Upload of File with Dangerous Type (CVE-2024-1532)
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file. This plugin only works wit...