First published: Wed Sep 14 2022(Updated: )
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP stack during the ICCP communication establishment causes a denial-of-service when ICCP of SYS600 is request to forward any data item updates with timestamps too distant in the future to any remote ICCP system. By default, ICCP is not configured and not enabled. This issue affects: Hitachi Energy MicroSCADA X SYS600 version 10.2 to version 10.3.1. cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*
Credit: cybersecurity@hitachienergy.com cybersecurity@hitachienergy.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hitachienergy Microscada X Sys600 | >=10.2<=10.3.1 | |
Hitachienergy Sys600 | ||
All of | ||
Hitachienergy Microscada X Sys600 | >=10.2<=10.3.1 | |
Hitachienergy Sys600 |
Remediated in SYS600 10.4 Update to at least SYS600 version 10.4.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-2277 is a vulnerability that exists in the Hitachi Energy MicroSCADA X SYS600's ICCP stack, which can be exploited to cause a denial-of-service when ICCP of SYS600 is requested to forward data item updates with timestamps too distant in the future to any remote ICCP system.
CVE-2022-2277 has a severity rating of 7.5 (high).
Versions 10.2 to 10.3.1 of Hitachi Energy MicroSCADA X Sys600 are affected by CVE-2022-2277.
To fix CVE-2022-2277, it is recommended to apply the latest updates or patches provided by Hitachi Energy for MicroSCADA X Sys600.
You can find more information about CVE-2022-2277 at the following reference link: [https://search.abb.com/library/Download.aspx?DocumentID=8DBD000106&LanguageCode=en&DocumentPartId=&Action=Launch](https://search.abb.com/library/Download.aspx?DocumentID=8DBD000106&LanguageCode=en&DocumentPartId=&Action=Launch)