CVE-2022-2081

Summary

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function.

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyRTU500 series CMU firmware12.0.1.0 <= 12.0.13.0affected
Hitachi EnergyRTU500 series CMU firmware12.2.1.0 <= 12.2.11.0affected
Hitachi EnergyRTU500 series CMU firmware12.4.1.0 <= 12.4.11.0affected
Hitachi EnergyRTU500 series CMU firmware12.6.1.0 <= 12.6.7.0affected
Hitachi EnergyRTU500 series CMU firmware12.7.1.0 <= 12.7.3.0affected
Hitachi EnergyRTU500 series CMU firmware13.2.1.0 <= 13.2.4.0affected
Hitachi EnergyRTU500 series CMU firmware13.3.1.0affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References