April 26, 2024
Severity
High
Analysis Summary
CVE-2024-1531 CVSS:8.2
Hitachi Energy RTU500 Series could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in stb-language file handling. By uploading a specially crafted stb-language file, an attacker could exploit this vulnerability to have arbitrary memory contents printed into the RTU500 system log, and use the disclosed data to launch further attacks against the affected system.
CVE-2024-1532 CVSS:6.8
Hitachi Energy RTU500 Series is vulnerable to a denial of service, caused by a flaw in stb-language file handling. By uploading a specially crafted stb-language file, a remote authenticated attacker could exploit this vulnerability to force diagnostic texts to be displayed as empty strings, resulting in a denial of service condition.
CVE-2024-0400 CVSS:7.5
Hitachi Energy MACH SCM could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the authenticated List control client. By sending specially crafted code, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-2097 CVSS:7.5
Hitachi Energy MACH SCM could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the authenticated List control client. By sending a specially crafted LINQ query, an attacker could exploit this vulnerability to execute arbitrary code on the system.
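The two MACH SCM entries above describe a server that executes crafted code or a crafted LINQ query submitted by an authenticated client. The following is an added example, not Hitachi Energy or MACH SCM code, that illustrates that vulnerability class in Python with constructed data: a list-filtering endpoint that evaluates the client's expression directly, beside one that parses the expression into an allow-listed field, operator and literal and never executes client input. The row schema, the filter grammar and the sample rows are assumptions made for the illustration; the product's real query language and execution path are not shown on this page.

```python
"""Added example (not MACH SCM code): unchecked evaluation of a client-supplied
query expression versus a parsed, allow-listed filter.

Everything here (the row schema, the filter grammar, the sample data) is
constructed for illustration.
"""
import operator
import re
from dataclasses import dataclass

# Constructed sample result set standing in for a device list.
DEVICES = [
    {"name": "rtu-01", "site": "north", "firmware": "13.5.3"},
    {"name": "rtu-02", "site": "south", "firmware": "12.7.6"},
    {"name": "scm-01", "site": "north", "firmware": "4.38"},
]


def unsafe_filter(rows, expression):
    """VULNERABLE pattern: the client's filter string is handed to eval().

    The caller meant to accept something like  row["site"] == "north",
    but eval() runs any Python expression, including __import__("os")...,
    with the privileges of the server process.  Passing {} as globals does
    not help: Python still injects __builtins__ into it.
    """
    return [row for row in rows if eval(expression, {}, {"row": row})]


@dataclass(frozen=True)
class Filter:
    field: str
    op: str
    value: str


# Only these fields may be queried and only these operators applied.
ALLOWED_FIELDS = {"name", "site", "firmware"}
ALLOWED_OPS = {"==": operator.eq, "!=": operator.ne}

# Grammar accepted from the client:
#   <identifier> (== | !=) "<literal without quotes or backslashes>"
_FILTER_RE = re.compile(r'^\s*([A-Za-z_]\w*)\s*(==|!=)\s*"([^"\\]*)"\s*$')


def parse_filter(expression):
    """Parse the client string into a Filter or raise ValueError.

    Nothing from the client is executed: the field is checked against
    ALLOWED_FIELDS, the operator is mapped to a fixed function, and the
    literal is only ever compared as data.
    """
    match = _FILTER_RE.match(expression)
    if match is None:
        raise ValueError("malformed filter expression")
    field, op, value = match.groups()
    if field not in ALLOWED_FIELDS:
        raise ValueError(f"field not permitted: {field!r}")
    return Filter(field, op, value)


def safe_filter(rows, expression):
    """HARDENED pattern: validate first, then apply a fixed comparison."""
    flt = parse_filter(expression)
    compare = ALLOWED_OPS[flt.op]
    return [row for row in rows if compare(row[flt.field], flt.value)]


def is_accepted(expression):
    """True if the hardened parser accepts the expression, False if it rejects it."""
    try:
        parse_filter(expression)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # A hostile expression: benign here (getpid), but eval() would run anything.
    hostile = '__import__("os").getpid() > 0'
    print("unsafe, benign :", [r["name"] for r in unsafe_filter(DEVICES, 'row["site"] == "north"')])
    print("unsafe, hostile:", [r["name"] for r in unsafe_filter(DEVICES, hostile)])
    print("safe,   benign :", [r["name"] for r in safe_filter(DEVICES, 'site == "north"')])
    print("safe,   hostile:", "rejected" if not is_accepted(hostile) else "ACCEPTED")
```

The hostile expression above only calls getpid so the script is harmless to run, but it makes the point: `unsafe_filter` returns every row because the attacker's expression ran and evaluated true, whereas `safe_filter` refuses it before anything is evaluated. The same shape applies to a .NET service that builds a dynamic LINQ query from a client string: accept a small grammar, map it onto a fixed set of predicates, and reject everything else.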
Impact
- Denial of Service
- Gain Access
- Code Execution
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-0400
- CVE-2024-2097
- CVE-2024-1532
- CVE-2024-1531
Affected Vendors
- Hitachi Energy
Affected Products
- Hitachi Energy RTU500 series CMU Firmware 12.0.1
- Hitachi Energy RTU500 series CMU Firmware 12.0.14
- Hitachi Energy RTU500 series CMU Firmware 12.2.1
- Hitachi Energy RTU500 series CMU Firmware 12.2.11
- Hitachi Energy RTU500 series CMU Firmware 12.4.1
- Hitachi Energy RTU500 series CMU Firmware 12.4.11
- Hitachi Energy RTU500 series CMU Firmware 12.6.1
- Hitachi Energy RTU500 series CMU Firmware 12.6.9
- Hitachi Energy RTU500 series CMU Firmware 12.7.1
- Hitachi Energy RTU500 series CMU Firmware 12.7.6
- Hitachi Energy RTU500 series CMU Firmware 13.2.1
- Hitachi Energy RTU500 series CMU Firmware 13.2.6
- Hitachi Energy RTU500 series CMU Firmware 13.4.1
- Hitachi Energy RTU500 series CMU Firmware 13.4.4
- Hitachi Energy RTU500 series CMU Firmware 13.5.1
- Hitachi Energy RTU500 series CMU Firmware 13.5.3
- Hitachi Energy MACH SCM 4.0
- Hitachi Energy MACH SCM 4.38
Remediation
Refer to the Hitachi Energy Security Advisory for patch, upgrade or suggested workaround information. All four issues require an authenticated user, so until fixed firmware or software is deployed, restrict which accounts can upload stb-language files to RTU500 units or reach the MACH SCM List control interface, keep the RTU500 and MACH SCM management interfaces off networks reachable from untrusted hosts, and review RTU500 system logs for unexpected or garbled entries following an stb-language file upload, since CVE-2024-1531 writes the leaked memory contents there.