Detections
Analytics

Hitachi Energy RTU500 Stack-Based Buffer Overflow (CVE-2022-2081)

high Tenable OT Security Plugin ID 501889

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Hitachi Energy recommends updating to the following firmware versions:

- Update to RTU500 series CMU Firmware version 12.0.14.0 or higher.
- Update to RTU500 series CMU Firmware version 12.2.12.0 or higher.
- Update to RTU500 series CMU Firmware version 12.4.12.0 or higher.
- Update to RTU500 series CMU Firmware version 12.6.8.0 or higher.
- Update to RTU500 series CMU Firmware version 12.7.4.0 or higher.
- Update to RTU500 series CMU Firmware version 13.2.5.0 or higher.
- Update to RTU500 series CMU Firmware version 13.3.2.0 or higher.

Users should see Hitachi Energy advisory 8DBD000111 for additional mitigation and update information.

See Also

http://www.nessus.org/u?cd0eebd9

https://www.cisa.gov/news-events/ics-advisories/icsa-22-235-07

Plugin Details

Severity: High

ID: 501889

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 1/17/2024

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2022-2081

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:hitachienergy:rtu520_firmware:12, cpe:/o:hitachienergy:rtu520_firmware:13.3.1, cpe:/o:hitachienergy:rtu520_firmware:13

Required KB Items: Tenable.ot/ABB

Exploit Ease: No known exploits are available

Patch Publication Date: 1/4/2024

Vulnerability Publication Date: 1/4/2024

Reference Information

CVE: CVE-2022-2081

CWE: 120, 787

ICSA: 22-235-07