CVE-2022-2502

Name of the Vulnerable Software and Affected Versions Hitachi Energy RTU500 series product (affected versions not specified)

Description The issue is related to a buffer overflow in the stack of the HCI interface, which functions according to the IEC 60870-5-104 standard. This can be exploited by an attacker to cause a denial of service. The vulnerability can only be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’. An attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a missing input data validation which eventually, if exploited, causes an internal buffer to overflow in the HCI IEC 60870-5-104 function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.