China-Attributed ‘Muddling Meerkat’ Exploits DNS to Map Internet Worldwide – Active IOCs
April 30, 2024R Programming Vulnerability Puts Organizations at High Risk for Supply Chain Attacks
April 30, 2024China-Attributed ‘Muddling Meerkat’ Exploits DNS to Map Internet Worldwide – Active IOCs
April 30, 2024R Programming Vulnerability Puts Organizations at High Risk for Supply Chain Attacks
April 30, 2024Severity
High
Analysis Summary
CVE-2024-2244 CVSS:5.3
Hitachi Energy Asset Suite could allow a remote attacker to bypass security restrictions, caused by a REST service authentication anomaly when processing batch jobs. By using a combination of "valid username/no password", an attacker could exploit this vulnerability to invoke the aforementioned service.
CVE-2024-21840 CVSS:7.9
Hitachi Storage Plug-in for VMware vCenter could allow a local authenticated attacker to bypass security restrictions, caused by incorrect default permissions. By sending a specially crafted request, an attacker could exploit this vulnerability to read and write specific files.
CVE-2023-6457 CVSS:6.6
Hitachi Tuning Manager for Windows could allow a local authenticated attacker to bypass security restrictions, caused by a file and directory permissions vulnerability in the JP1/Performance Management endpoint. An attacker could exploit this vulnerability to read and write files.
CVE-2023-3517 CVSS:8.5
Hitachi Vantara Pentaho Data Integration and Analytics could allow a remote authenticated attacker to bypass security restrictions, caused by improper restriction of JNDI identifiers during the creation of XActions. An attacker could exploit this vulnerability to control system-level data sources.
CVE-2023-4518 CVSS:6.5
Hitachi Energy Relion 670 is vulnerable to a denial of service, caused by improper validation of user-supplied input by the IED component. By sending a specially crafted GOOSE message, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-2244
- CVE-2024-21840
- CVE-2023-6457
- CVE-2023-3517
- CVE-2024-4518
Affected Vendors
Affected Products
- Hitachi Energy Asset Suite 9.6.3.11.1
- Hitachi Energy Asset Suite 9.6.4
- Hitachi Storage Plug-in for VMware vCenter 04.0.0
- Hitachi Storage Plug-in for VMware vCenter 04.9.2
- Hitachi Tuning Manager for Windows 8.8.5
- Hitachi Tuning Manager for Windows 8.8.4
- Hitachi Vantara Pentaho Data Integration and Analytics 9.5.0.0
- Hitachi Vantara Pentaho Data Integration and Analytics 9.3.0.4
- Hitachi Energy Relion 670 2.2.0
- Hitachi Energy Relion 670 series 2.2.1
- Hitachi Energy Relion 670 series 2.2.2
- Hitachi Energy Relion 670 series 2.2.2.5
- Hitachi Energy Relion 670 series 2.2.3
- Hitachi Energy Relion 670 series 2.2.3.6
- Hitachi Energy Relion 670 series 2.2.4
- Hitachi Energy Relion 650 series 2.2.4
- Hitachi Energy Relion 670 series 2.2.4.3
- Hitachi Energy Relion 650 series 2.2.4.3
- Hitachi Energy Relion 650 series 2.2.5
- Hitachi Energy Relion 670 series 2.2.5
- Hitachi Energy Relion SAM600-IO series 2.2.5
- Hitachi Energy Relion SAM600-IO series 2.2.5.5
- Hitachi Energy Relion 670 series 2.2.5.5
- Hitachi Energy Relion 650 series 2.2.5.5
- Hitachi Energy Relion 650 series 2.2.1
- Hitachi Energy Relion SAM600-IO series 2.2.1
Remediation
Refer to Hitachi Security Advisory for patch, upgrade, or suggested workaround information.