CVE-2022-4608

Name of the Vulnerable Software and Affected Versions RTU500 series product (affected versions not specified)

Description A vulnerability exists in the HCI IEC 60870-5-104 function, which can be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-3. After the session resumption interval is expired, an RTU500 initiated update of session parameters causes an unexpected restart due to a stack overflow. This issue may allow a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.