Which versions of the RTU500 series product are affected by CVE-2022-2502?

Versions 13.3.1, 13.3.2, 13.3.3, and 13.4.1 of the Hitachienergy Rtu500 Firmware are affected by CVE-2022-2502.

What is the severity of CVE-2022-2502?

CVE-2022-2502 has a severity score of 7.5 (high severity).

Is there a fix available for CVE-2022-2502?

I couldn't find information about a fix for CVE-2022-2502. Please refer to the vendor's documentation or contact them for further assistance.

Vulnerability/
CVE-2022-2502

high

7.5

CWE

20 120

26/7/2023

3/8/2024

CVE-2022-2502: Input Validation

First published: Wed Jul 26 2023(Updated: )

A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’ which must be ordered separately. If these preconditions are fulfilled, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a missing input data validation which eventually if exploited causes an internal buffer to overflow in the HCI IEC 60870-5-104 function.

Credit: cybersecurity@hitachienergy.com cybersecurity@hitachienergy.com

Affected Software	Affected Version	How to fix
Hitachienergy Rtu500 Firmware	=13.3.1
Hitachienergy Rtu500 Firmware	=13.3.2
Hitachienergy Rtu500 Firmware	=13.3.3
Hitachienergy Rtu500 Firmware	=13.4.1
Hitachienergy Rtu500

Remedy

Update to CMU Firmware versions 13.3.3 or 13.4.1.

Never miss a vulnerability like this again

Reference Links

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch

Frequently Asked Questions

What is CVE-2022-2502?
CVE-2022-2502 is a vulnerability that exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product.
How can CVE-2022-2502 be exploited?
CVE-2022-2502 can only be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature 'Advanced security'.
Which versions of the RTU500 series product are affected by CVE-2022-2502?
Versions 13.3.1, 13.3.2, 13.3.3, and 13.4.1 of the Hitachienergy Rtu500 Firmware are affected by CVE-2022-2502.
What is the severity of CVE-2022-2502?
CVE-2022-2502 has a severity score of 7.5 (high severity).
Is there a fix available for CVE-2022-2502?
I couldn't find information about a fix for CVE-2022-2502. Please refer to the vendor's documentation or contact them for further assistance.

collector/nvd-latest
collector/nvd-index
agent/author
agent/type
agent/softwarecombine
agent/severity
agent/references
agent/weakness
agent/description
collector/nvd-api
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
agent/remedy
agent/last-modified-date
agent/tags
agent/event
agent/first-publish-date
vendor/hitachienergy
canonical/hitachienergy rtu500 firmware
version/hitachienergy rtu500 firmware/13.3.1
version/hitachienergy rtu500 firmware/13.3.2
version/hitachienergy rtu500 firmware/13.3.3
version/hitachienergy rtu500 firmware/13.4.1
canonical/hitachienergy rtu500

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.