CVE-2023-5769

Summary

A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to user input being improperly sanitized.

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyRTU500RTU500 series CMU Firmware version 12.0.1 – 12.0.14affected
Hitachi EnergyRTU500RTU500 series CMU Firmware version 12.2.1 – 12.2.11affected
Hitachi EnergyRTU500RTU500 series CMU Firmware version 12.4.1 – 12.4.11affected
Hitachi EnergyRTU500RTU500 series CMU Firmware version 12.6.1 – 12.6.9affected
Hitachi EnergyRTU500RTU500 series CMU Firmware version 12.7.1 – 12.7.6affected
Hitachi EnergyRTU500RTU500 series CMU Firmware version 13.2.1 – 13.2.6affected
Hitachi EnergyRTU500RTU500 series CMU Firmware version 13.4.1 – 13.4.3affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References