mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
370 lines
14 KiB
JSON
370 lines
14 KiB
JSON
{
|
|
"id": "CVE-2022-2081",
|
|
"sourceIdentifier": "cybersecurity@hitachienergy.com",
|
|
"published": "2024-01-04T10:15:10.927",
|
|
"lastModified": "2024-01-10T16:39:45.477",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Existe una vulnerabilidad en la funci\u00f3n HCI Modbus TCP incluida en las versiones de producto enumeradas anteriormente. Si HCI Modbus TCP est\u00e1 habilitado y configurado, un atacante podr\u00eda aprovechar la vulnerabilidad enviando un mensaje especialmente manipulado a la RTU500 a alta velocidad, lo que provocar\u00eda que la CMU RTU500 objetivo se reiniciara. La vulnerabilidad se debe a una falta de control de inundaciones que eventualmente, si se explota, provoca un desbordamiento de pila interna en la funci\u00f3n HCI Modbus TCP."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
},
|
|
{
|
|
"source": "cybersecurity@hitachienergy.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-787"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "cybersecurity@hitachienergy.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-120"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.0.1",
|
|
"versionEndIncluding": "12.0.13",
|
|
"matchCriteriaId": "F5E23735-DB56-4C1E-8389-B06018CC4D9E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.2.1",
|
|
"versionEndIncluding": "12.2.11",
|
|
"matchCriteriaId": "2469A78A-6F37-4F4B-BED8-060914B2D0A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.4.1",
|
|
"versionEndIncluding": "12.4.11",
|
|
"matchCriteriaId": "E9E6934B-EBB2-45FB-8E4A-7D360CBA0F92"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.6.1",
|
|
"versionEndIncluding": "12.6.7",
|
|
"matchCriteriaId": "A8966632-8645-43D6-AB52-8BC1C1BDB6DD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.7.1",
|
|
"versionEndIncluding": "12.7.3",
|
|
"matchCriteriaId": "F12F1A20-9D3C-4F2B-B538-8B4EABD288C9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.2.1",
|
|
"versionEndIncluding": "13.2.4",
|
|
"matchCriteriaId": "F7A0F9D4-E9ED-4351-8909-EEE689DE2BF4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:13.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1621CAF4-C18A-48B5-82AC-F8D09105656A"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "11AF93AD-200F-47A6-BA2C-F82165AFB50D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.0.1",
|
|
"versionEndIncluding": "12.0.13",
|
|
"matchCriteriaId": "BB001482-F203-4731-A6DD-6BCE3C1338CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.2.1",
|
|
"versionEndIncluding": "12.2.11",
|
|
"matchCriteriaId": "79BC5D4A-09B2-41FB-962A-CF580181EB2C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.4.1",
|
|
"versionEndIncluding": "12.4.11",
|
|
"matchCriteriaId": "A30CDB2F-E0CC-4440-9E59-AB339F94996F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.6.1",
|
|
"versionEndIncluding": "12.6.7",
|
|
"matchCriteriaId": "56598D9D-5BCB-42C6-8705-AB79C4BD2A9A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.7.1",
|
|
"versionEndIncluding": "12.7.3",
|
|
"matchCriteriaId": "B4FDE92C-733F-4B52-8BE6-E37898B39075"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.2.1",
|
|
"versionEndIncluding": "13.2.4",
|
|
"matchCriteriaId": "2209D1D9-94CD-4D8B-BB80-39CC129FEEF4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:13.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BACEC63E-0548-483F-813E-C04F4C95970E"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FC6F9377-E6BB-4DEA-9D87-0AF792CBAC57"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.0.1",
|
|
"versionEndIncluding": "12.0.13",
|
|
"matchCriteriaId": "8F1F7579-050B-4216-A4D5-FD74C8A19618"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.2.1",
|
|
"versionEndIncluding": "12.2.11",
|
|
"matchCriteriaId": "803838B5-058E-436B-8CE5-BF711456F96B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.4.1",
|
|
"versionEndIncluding": "12.4.11",
|
|
"matchCriteriaId": "A0361A98-1496-4763-A489-DCAE0D0DF613"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.6.1",
|
|
"versionEndIncluding": "12.6.7",
|
|
"matchCriteriaId": "762AB8CE-068D-46D4-A275-154A2AC58E55"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.7.1",
|
|
"versionEndIncluding": "12.7.3",
|
|
"matchCriteriaId": "4DF9263A-D1DB-4899-99C2-88B59847C808"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.2.1",
|
|
"versionEndIncluding": "13.2.4",
|
|
"matchCriteriaId": "15B3C46C-0A5E-4142-A096-94A513DD8004"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:13.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8B2A709-9538-47C9-9E70-DBC1D2817E79"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6EEFDEF0-883D-402B-9CD4-333A145E3C75"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.0.1",
|
|
"versionEndIncluding": "12.0.13",
|
|
"matchCriteriaId": "0708BD2D-FEA4-4C97-9C3A-B4E67EA3D926"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.2.1",
|
|
"versionEndIncluding": "12.2.11",
|
|
"matchCriteriaId": "6BDB5A36-9B2F-43F9-A81B-506C4660151F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.4.1",
|
|
"versionEndIncluding": "12.4.11",
|
|
"matchCriteriaId": "F25FBFD5-BC45-49C9-87D4-A9C05405490D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.6.1",
|
|
"versionEndIncluding": "12.6.7",
|
|
"matchCriteriaId": "0505DF4D-0B06-4E61-B756-C2B5D31B85A0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "12.7.1",
|
|
"versionEndIncluding": "12.7.3",
|
|
"matchCriteriaId": "9495E9A9-733C-4073-8B39-1A08A88B05A7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "13.2.1",
|
|
"versionEndIncluding": "13.2.4",
|
|
"matchCriteriaId": "269F1D56-A575-487D-B5ED-4E774C26BA3B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:13.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "530437F6-6F90-45D5-821C-B87C292C0CCC"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "495DCBD6-D2D1-4295-81D1-6ACA1B2CA223"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000111&LanguageCode=en&DocumentPartId=&Action=Launch",
|
|
"source": "cybersecurity@hitachienergy.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |