Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-6711

Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU.

Published

2023-12-19T15:15:09.257

Last Modified

2024-11-21T08:44:24.670

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

Weaknesses

Type: Secondary
CWE-120
Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hitachienergy	rtu500_firmware	< 12.0.15.0	Yes
Operating System	hitachienergy	rtu500_firmware	< 12.2.12.0	Yes
Operating System	hitachienergy	rtu500_firmware	< 12.4.12.0	Yes
Operating System	hitachienergy	rtu500_firmware	< 12.6.10.0	Yes
Operating System	hitachienergy	rtu500_firmware	< 12.7.7.0	Yes
Operating System	hitachienergy	rtu500_firmware	< 13.2.7.0	Yes
Operating System	hitachienergy	rtu500_firmware	< 13.4.4.0	Yes
Operating System	hitachienergy	rtu500_firmware	13.5.1.0	Yes
Hardware	hitachienergy	rtu500	-	No

References

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000184&languageCode=en&Preview=true Vendor Advisory ([email protected])
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000184&languageCode=en&Preview=true Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)