CVE-2024-2462

Summary

Allow attackers to intercept or falsify data exchanges between the client and the server

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyFOXMAN-UN0 <= FOXMAN-UN R16B PC2affected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R16B PC3unaffected
Hitachi EnergyFOXMAN-UN0 <= FOXMAN-UN R15B PC4affected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R15B PC5unaffected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R16Aaffected
Hitachi EnergyFOXMAN-UNFOXMAN-UN R15Aaffected
Hitachi EnergyFOX61x0 < FOX61x R16Baffected
Hitachi EnergyFOX61xFOX61x R16Bunaffected
Hitachi EnergyFOXCST0 < FOXCST_16.2.1affected
Hitachi EnergyFOXCSTFOXCST_16.2.1unaffected
Hitachi EnergyUNEM0 <= UNEM R16B PC2affected
Hitachi EnergyUNEMUNEM R16B PC3unaffected
Hitachi EnergyUNEM0 <= UNEM R15B PC4affected
Hitachi EnergyUNEMUNEM R15B PC5unaffected
Hitachi EnergyUNEMUNEM R16Aaffected
Hitachi EnergyUNEMUNEM R15Aaffected
Hitachi EnergyXMC20R16Baffected
Hitachi EnergyECSTECST_16.2.1affected

Weaknesses

  • CWE-297: CWE-297 Improper Validation of Certificate with Host Mismatch

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References