Analysis Summary

CVE-2024-1531 CVSS:8.2 

Hitachi Energy RTU500 Series could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the stb-language file handling. By uploading a specially crafted stb-language file, an attacker could exploit this vulnerability to print random memory content in the RTU500 system log, and use this information to launch further attacks against the affected system.

CVE-2024-1532 CVSS:6.8

Hitachi Energy RTU500 Series is vulnerable to a denial of service, caused by a flaw in the stb-language file handling. By uploading a specially crafted stb-language file, a remote authenticated attacker could exploit this vulnerability to enforce diagnostic texts being displayed as empty strings, and results in a denial of service condition.

CVE-2024-0400 CVSS:7.5

Hitachi Energy MACH SCM could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the authenticated List control client. By sending a specially crafted code, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-2097 CVSS:7.5

Hitachi Energy MACH SCM could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the authenticated List control client. By sending a specially crafted LINQ query, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

• Denial of Service
• Gain Access
• Code Execution
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-0400
• CVE-2024-2097
• CVE-2024-1532
• CVE-2024-1531

Affected Vendors

Remediation

Refer to Hitachi Energy Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-0400

CVE-2024-2097

CVE-2024-1532

CVE-2024-1531