This vulnerability exists due to a logic error in the certificate validation in the affected product. An attacker with administrator rights could exploit this vulnerability by creating software packages and signing those packages with specially crafted certificates, thereby redirecting the PCM600 update server location to a different location. The validation flaw causes untrusted software packages to be installed using PCM600 Update Manager.
The Raccoon attack exploits a flaw in the TLS specification, which can lead to an attacker computing the pre-master secret in connections that have used a Diffie-Hellman-based cipher suite. An attacker can then eavesdrop on all encrypted communications sent over the exploited TLS connection.
There is a global buffer over-read vulnerability in xmlEncodeEntitiesInternal in the affected libxml2/entities.c.
A vulnerability exists in the XML entity encoding functionality of the affected libxml2. An attacker can use a specially crafted file to trigger an out-of-bounds read.
Hitachi Energy is aware of public reports of this vulnerability in the following open-source software components: OpenSSL, LibSSL, libxml2, and GRUB2 bootloader. The vulnerability also affects some APM Edge products. An attacker who successfully exploits this vulnerability could cause the product to become inaccessible.
A vulnerability exists in the early boot process of the product, in which there is a brief time window where a previous version of VxWorks is loaded prior to booting up the complete application firmware. The older version of VxWorks is susceptible to Urgent/11, which may allow for remote code execution on the device before the operating system is loaded.
An issue exists in the BCI IEC 60870-5-104 function included in the affected products. If BCI IEC 60870-5-104 is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the affected product, causing it to reboot. This vulnerability is caused by a validation error in the APDU parser of the BCI IEC 60870-5-104 function.
Refer to the CISA advisory for patch, upgrade, or suggested workaround information.
Hitachi Energy PCM600 Update Manager
Hitachi Energy RTU500 series
Hitachi Energy APM Edge
Hitachi Energy Relion 670/650/SAM600-IO
Hitachi Energy RTU500 series BCI