high
7.5
CWE
20 120
Advisory Published
Updated

CVE-2022-2502: Input Validation

First published: Wed Jul 26 2023(Updated: )

A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’ which must be ordered separately. If these preconditions are fulfilled, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a missing input data validation which eventually if exploited causes an internal buffer to overflow in the HCI IEC 60870-5-104 function.

Credit: cybersecurity@hitachienergy.com cybersecurity@hitachienergy.com

Affected SoftwareAffected VersionHow to fix
Hitachienergy Rtu500 Firmware=13.3.1
Hitachienergy Rtu500 Firmware=13.3.2
Hitachienergy Rtu500 Firmware=13.3.3
Hitachienergy Rtu500 Firmware=13.4.1
Hitachienergy Rtu500
All of
Hitachienergy Rtu500
Any of
Hitachienergy Rtu500 Firmware=13.3.1
Hitachienergy Rtu500 Firmware=13.3.2
Hitachienergy Rtu500 Firmware=13.3.3
Hitachienergy Rtu500 Firmware=13.4.1

Remedy

Update to CMU Firmware versions 13.3.3 or 13.4.1.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2022-2502?

    CVE-2022-2502 is a vulnerability that exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product.

  • How can CVE-2022-2502 be exploited?

    CVE-2022-2502 can only be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature 'Advanced security'.

  • Which versions of the RTU500 series product are affected by CVE-2022-2502?

    Versions 13.3.1, 13.3.2, 13.3.3, and 13.4.1 of the Hitachienergy Rtu500 Firmware are affected by CVE-2022-2502.

  • What is the severity of CVE-2022-2502?

    CVE-2022-2502 has a severity score of 7.5 (high severity).

  • Is there a fix available for CVE-2022-2502?

    I couldn't find information about a fix for CVE-2022-2502. Please refer to the vendor's documentation or contact them for further assistance.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203