CVE-2022-28613

Name of the Vulnerable Software and Affected Versions Hitachi Energy RTU500 series CMU Firmware versions 12.0.* through 13.2.*

Description A vulnerability exists in the HCI Modbus TCP function, which can be exploited by sending a specially crafted message to the RTU500, causing it to reboot. This issue is caused by a validation error in the length information carried in the MBAP header. An attacker could exploit this vulnerability if the HCI Modbus TCP is enabled and configured.

Recommendations For Hitachi Energy RTU500 series CMU Firmware versions 12.0.* through 13.2.*, consider disabling the HCI Modbus TCP function until a patch is available to prevent exploitation. Restrict access to the vulnerable component to minimize the risk of rebooting the device. Avoid using the MBAP header in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.