What is CVE-2022-4608?

CVE-2022-4608 is a vulnerability that exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product.

How can the CVE-2022-4608 vulnerability be exploited?

The CVE-2022-4608 vulnerability can only be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-3. After the session resumption interval is expired, an RTU500 initiated update of session parameters may cause the vulnerability to be exploited.

Which versions of the RTU500 firmware are affected by CVE-2022-4608?

The RTU500 firmware versions 13.3.1, 13.3.2, 13.3.3, and 13.4.1 are affected by CVE-2022-4608.

What is the severity of CVE-2022-4608?

The severity of CVE-2022-4608 is high with a score of 7.5.

How can I fix the CVE-2022-4608 vulnerability?

To fix the CVE-2022-4608 vulnerability, it is recommended to update the affected RTU500 firmware to a version that does not contain the vulnerability.

Vulnerability/
CVE-2022-4608

high

7.5

CWE

787 120

26/7/2023

3/8/2024

CVE-2022-4608

First published: Wed Jul 26 2023(Updated: )

A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session resumption interval is expired an RTU500 initiated update of session parameters causes an unexpected restart due to a stack overflow.

Credit: cybersecurity@hitachienergy.com cybersecurity@hitachienergy.com

Affected Software	Affected Version	How to fix
Hitachienergy Rtu500 Firmware	=13.3.1
Hitachienergy Rtu500 Firmware	=13.3.2
Hitachienergy Rtu500 Firmware	=13.3.3
Hitachienergy Rtu500 Firmware	=13.4.1
Hitachienergy Rtu500

Remedy

Update to CMU Firmware versions 13.3.3 or 13.4.1.

Never miss a vulnerability like this again

Reference Links

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch

Frequently Asked Questions

What is CVE-2022-4608?
CVE-2022-4608 is a vulnerability that exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product.
How can the CVE-2022-4608 vulnerability be exploited?
The CVE-2022-4608 vulnerability can only be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-3. After the session resumption interval is expired, an RTU500 initiated update of session parameters may cause the vulnerability to be exploited.
Which versions of the RTU500 firmware are affected by CVE-2022-4608?
The RTU500 firmware versions 13.3.1, 13.3.2, 13.3.3, and 13.4.1 are affected by CVE-2022-4608.
What is the severity of CVE-2022-4608?
The severity of CVE-2022-4608 is high with a score of 7.5.
How can I fix the CVE-2022-4608 vulnerability?
To fix the CVE-2022-4608 vulnerability, it is recommended to update the affected RTU500 firmware to a version that does not contain the vulnerability.

collector/nvd-latest
collector/nvd-index
agent/author
agent/weakness
agent/type
agent/softwarecombine
agent/severity
agent/references
agent/description
collector/nvd-api
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
agent/remedy
agent/last-modified-date
agent/tags
agent/event
agent/first-publish-date
vendor/hitachienergy
canonical/hitachienergy rtu500 firmware
version/hitachienergy rtu500 firmware/13.3.1
version/hitachienergy rtu500 firmware/13.3.2
version/hitachienergy rtu500 firmware/13.3.3
version/hitachienergy rtu500 firmware/13.4.1
canonical/hitachienergy rtu500

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.