CVE-2022-2081

Published Jan 4, 2024
Last updated 2 months ago
CVSS high 7.5
Overview

Description: A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function.
Source: cybersecurity@hitachienergy.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
Weaknesses

nvd@nist.gov: CWE-787
cybersecurity@hitachienergy.com: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5E23735-DB56-4C1E-8389-B06018CC4D9E",
            "versionEndIncluding": "12.0.13",
            "versionStartIncluding": "12.0.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2469A78A-6F37-4F4B-BED8-060914B2D0A4",
            "versionEndIncluding": "12.2.11",
            "versionStartIncluding": "12.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9E6934B-EBB2-45FB-8E4A-7D360CBA0F92",
            "versionEndIncluding": "12.4.11",
            "versionStartIncluding": "12.4.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8966632-8645-43D6-AB52-8BC1C1BDB6DD",
            "versionEndIncluding": "12.6.7",
            "versionStartIncluding": "12.6.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F12F1A20-9D3C-4F2B-B538-8B4EABD288C9",
            "versionEndIncluding": "12.7.3",
            "versionStartIncluding": "12.7.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7A0F9D4-E9ED-4351-8909-EEE689DE2BF4",
            "versionEndIncluding": "13.2.4",
            "versionStartIncluding": "13.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:13.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1621CAF4-C18A-48B5-82AC-F8D09105656A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "11AF93AD-200F-47A6-BA2C-F82165AFB50D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB001482-F203-4731-A6DD-6BCE3C1338CA",
            "versionEndIncluding": "12.0.13",
            "versionStartIncluding": "12.0.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79BC5D4A-09B2-41FB-962A-CF580181EB2C",
            "versionEndIncluding": "12.2.11",
            "versionStartIncluding": "12.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A30CDB2F-E0CC-4440-9E59-AB339F94996F",
            "versionEndIncluding": "12.4.11",
            "versionStartIncluding": "12.4.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56598D9D-5BCB-42C6-8705-AB79C4BD2A9A",
            "versionEndIncluding": "12.6.7",
            "versionStartIncluding": "12.6.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4FDE92C-733F-4B52-8BE6-E37898B39075",
            "versionEndIncluding": "12.7.3",
            "versionStartIncluding": "12.7.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2209D1D9-94CD-4D8B-BB80-39CC129FEEF4",
            "versionEndIncluding": "13.2.4",
            "versionStartIncluding": "13.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:13.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BACEC63E-0548-483F-813E-C04F4C95970E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FC6F9377-E6BB-4DEA-9D87-0AF792CBAC57"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F1F7579-050B-4216-A4D5-FD74C8A19618",
            "versionEndIncluding": "12.0.13",
            "versionStartIncluding": "12.0.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "803838B5-058E-436B-8CE5-BF711456F96B",
            "versionEndIncluding": "12.2.11",
            "versionStartIncluding": "12.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0361A98-1496-4763-A489-DCAE0D0DF613",
            "versionEndIncluding": "12.4.11",
            "versionStartIncluding": "12.4.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "762AB8CE-068D-46D4-A275-154A2AC58E55",
            "versionEndIncluding": "12.6.7",
            "versionStartIncluding": "12.6.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DF9263A-D1DB-4899-99C2-88B59847C808",
            "versionEndIncluding": "12.7.3",
            "versionStartIncluding": "12.7.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15B3C46C-0A5E-4142-A096-94A513DD8004",
            "versionEndIncluding": "13.2.4",
            "versionStartIncluding": "13.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:13.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8B2A709-9538-47C9-9E70-DBC1D2817E79"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6EEFDEF0-883D-402B-9CD4-333A145E3C75"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0708BD2D-FEA4-4C97-9C3A-B4E67EA3D926",
            "versionEndIncluding": "12.0.13",
            "versionStartIncluding": "12.0.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BDB5A36-9B2F-43F9-A81B-506C4660151F",
            "versionEndIncluding": "12.2.11",
            "versionStartIncluding": "12.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F25FBFD5-BC45-49C9-87D4-A9C05405490D",
            "versionEndIncluding": "12.4.11",
            "versionStartIncluding": "12.4.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0505DF4D-0B06-4E61-B756-C2B5D31B85A0",
            "versionEndIncluding": "12.6.7",
            "versionStartIncluding": "12.6.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9495E9A9-733C-4073-8B39-1A08A88B05A7",
            "versionEndIncluding": "12.7.3",
            "versionStartIncluding": "12.7.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "269F1D56-A575-487D-B5ED-4E774C26BA3B",
            "versionEndIncluding": "13.2.4",
            "versionStartIncluding": "13.2.1"
          },
          {
            "criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:13.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "530437F6-6F90-45D5-821C-B87C292C0CCC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "495DCBD6-D2D1-4295-81D1-6ACA1B2CA223"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
