CVE-2022-28613

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is en-abled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot. The vulnerability is caused by the validation error in the length information carried in MBAP header in the HCI Modbus TCP function.

CVSS v3 7.5 HIGH
CVSS v2.0 7.8 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:abb:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::

cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-05-02 19:15

Updated : 2024-11-21 06:57

NVD link : CVE-2022-28613

Mitre link : CVE-2022-28613

CVE.ORG link : CVE-2022-28613

JSON object : View

Products Affected

hitachienergy

rtu500_firmware
rtu500

abb

rtu500_firmware

CWE

CWE-1284

Improper Validation of Specified Quantity in Input

{"id": "CVE-2022-28613", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-05-02T19:15:09.200", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@hitachienergy.com"}, {"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "description": [{"lang": "en", "value": "CWE-1284"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-1284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is en-abled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot. The vulnerability is caused by the validation error in the length information carried in MBAP header in the HCI Modbus TCP function."}, {"lang": "es", "value": "Una vulnerabilidad en el COMPONENTE HCI Modbus TCP del firmware de la CMU de la serie RTU500 de Hitachi Energy, causada por un error de comprobaci\u00f3n en la informaci\u00f3n de longitud que se transmite en el encabezado MBAP, permite a un ATACANTE reiniciar el dispositivo mediante el env\u00edo de un mensaje especialmente dise\u00f1ado. Este problema afecta a: Hitachi Energy RTU500 series CMU Firmware versiones 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*"}], "lastModified": "2024-11-21T06:57:34.920", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E218D81E-9E3B-47A4-829E-8D79CC6C017A", "versionEndExcluding": "12.2.12.0", "versionStartIncluding": "12.2.1.0"}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5651891D-EAD1-4E41-82E9-DFE762A3C35D", "versionEndExcluding": "12.0.14.0", "versionStartIncluding": "12.0.1.0"}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "229DCAE7-8362-4C5F-B708-9B130123DAAC", "versionEndExcluding": "12.4.12.0", "versionStartIncluding": "12.4.1.0"}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BF67F27-4854-47BC-A0E1-BB3A918C9F36", "versionEndExcluding": "12.6.8.0", "versionStartIncluding": "12.6.1.0"}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0C47FBB-38D1-46D5-8381-3AF69EF78A44", "versionEndExcluding": "12.7.4.0", "versionStartIncluding": "12.7.1.0"}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4867D76C-DB3D-4E48-8BB1-FE8336F4A979", "versionEndExcluding": "13.2.5.0", "versionStartIncluding": "13.2.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE94252D-03EE-451B-8322-B4DBC790C6E9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cybersecurity@hitachienergy.com"}