CVE-2022-28613 - OpenCVE

A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an ATTACKER to reboot the device by sending a special crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Abb	Rtu500 Firmware
Hitachienergy	Rtu500 Rtu500 Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:abb:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::

cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch

History

No history.

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2022-05-02T19:01:06.262330Z

Updated: 2024-09-16T22:36:43.463Z

Reserved: 2022-04-04T00:00:00

Link: CVE-2022-28613

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-05-02T19:15:09.200

Modified: 2023-07-21T16:43:00.360

Link: CVE-2022-28613

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "RTU500 series CMU Firmware", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "12.0.*"}, {"status": "affected", "version": "12.2.*"}, {"status": "affected", "version": "12.4.*"}, {"status": "affected", "version": "12.6.*"}, {"status": "affected", "version": "12.7.*"}, {"status": "affected", "version": "13.2.*"}]}], "datePublic": "2022-04-19T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an ATTACKER to reboot the device by sending a special crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-02T19:01:06", "orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch"}], "solutions": [{"lang": "en", "value": "Remediation available, see the advisory for details."}], "source": {"discovery": "INTERNAL"}, "title": "Specially Crafted Modbus TCP Packet Vulnerability in RTU500 series", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@hitachienergy.com", "DATE_PUBLIC": "2022-04-19T10:00:00.000Z", "ID": "CVE-2022-28613", "STATE": "PUBLIC", "TITLE": "Specially Crafted Modbus TCP Packet Vulnerability in RTU500 series"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "RTU500 series CMU Firmware", "version": {"version_data": [{"version_affected": "=", "version_name": "12.0.*", "version_value": "12.0.*"}, {"version_affected": "=", "version_name": "12.2.*", "version_value": "12.2.*"}, {"version_affected": "=", "version_name": "12.4.*", "version_value": "12.4.*"}, {"version_affected": "=", "version_name": "12.6.*", "version_value": "12.6.*"}, {"version_affected": "=", "version_name": "12.7.*", "version_value": "12.7.*"}, {"version_affected": "=", "version_name": "13.2.*", "version_value": "13.2.*"}]}}]}, "vendor_name": "Hitachi Energy"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an ATTACKER to reboot the device by sending a special crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch", "refsource": "CONFIRM", "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch"}]}, "solution": [{"lang": "en", "value": "Remediation available, see the advisory for details."}], "source": {"discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:56:16.200Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch"}]}]}, "cveMetadata": {"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "assignerShortName": "Hitachi Energy", "cveId": "CVE-2022-28613", "datePublished": "2022-05-02T19:01:06.262330Z", "dateReserved": "2022-04-04T00:00:00", "dateUpdated": "2024-09-16T22:36:43.463Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E218D81E-9E3B-47A4-829E-8D79CC6C017A", "versionEndExcluding": "12.2.12.0", "versionStartIncluding": "12.2.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5651891D-EAD1-4E41-82E9-DFE762A3C35D", "versionEndExcluding": "12.0.14.0", "versionStartIncluding": "12.0.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "229DCAE7-8362-4C5F-B708-9B130123DAAC", "versionEndExcluding": "12.4.12.0", "versionStartIncluding": "12.4.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BF67F27-4854-47BC-A0E1-BB3A918C9F36", "versionEndExcluding": "12.6.8.0", "versionStartIncluding": "12.6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0C47FBB-38D1-46D5-8381-3AF69EF78A44", "versionEndExcluding": "12.7.4.0", "versionStartIncluding": "12.7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4867D76C-DB3D-4E48-8BB1-FE8336F4A979", "versionEndExcluding": "13.2.5.0", "versionStartIncluding": "13.2.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE94252D-03EE-451B-8322-B4DBC790C6E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation error in the length information carried in MBAP header allows an ATTACKER to reboot the device by sending a special crafted message. This issue affects: Hitachi Energy RTU500 series CMU Firmware 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*."}, {"lang": "es", "value": "Una vulnerabilidad en el COMPONENTE HCI Modbus TCP del firmware de la CMU de la serie RTU500 de Hitachi Energy, causada por un error de comprobaci\u00f3n en la informaci\u00f3n de longitud que se transmite en el encabezado MBAP, permite a un ATACANTE reiniciar el dispositivo mediante el env\u00edo de un mensaje especialmente dise\u00f1ado. Este problema afecta a: Hitachi Energy RTU500 series CMU Firmware versiones 12.0.*; 12.2.*; 12.4.*; 12.6.*; 12.7.*; 13.2.*"}], "id": "CVE-2022-28613", "lastModified": "2023-07-21T16:43:00.360", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2022-05-02T19:15:09.200", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000103&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}