
ICS: Multiple Hitachi Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-2244 CVSS:5.3

Hitachi Energy Asset Suite could allow a remote attacker to bypass security restrictions, caused by a REST service authentication anomaly when processing batch jobs. By using a combination of "valid username/no password", an attacker could exploit this vulnerability to invoke the aforementioned service.

CVE-2024-21840 CVSS:7.9

Hitachi Storage Plug-in for VMware vCenter could allow a local authenticated attacker to bypass security restrictions, caused by incorrect default permissions. By sending a specially crafted request, an attacker could exploit this vulnerability to read and write specific files.

CVE-2023-6457 CVSS:6.6

Hitachi Tuning Manager for Windows could allow a local authenticated attacker to bypass security restrictions, caused by a file and directory permissions vulnerability in the JP1/Performance Management endpoint. An attacker could exploit this vulnerability to read and write files.

CVE-2023-3517 CVSS:8.5

Hitachi Vantara Pentaho Data Integration and Analytics could allow a remote authenticated attacker to bypass security restrictions, caused by improper restriction of JNDI identifiers during the creation of XActions. An attacker could exploit this vulnerability to control system-level data sources.

CVE-2023-4518 CVSS:6.5

Hitachi Energy Relion 670 is vulnerable to a denial of service, caused by improper validation of user-supplied input by the IED component. By sending a specially crafted GOOSE message, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

  • Denial of Service
  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2024-2244
  • CVE-2024-21840
  • CVE-2023-6457
  • CVE-2023-3517
  • CVE-2023-4518

Affected Vendors

Hitachi

Affected Products

  • Hitachi Energy Asset Suite 9.6.3.11.1
  • Hitachi Energy Asset Suite 9.6.4
  • Hitachi Storage Plug-in for VMware vCenter 04.0.0
  • Hitachi Storage Plug-in for VMware vCenter 04.9.2
  • Hitachi Tuning Manager for Windows 8.8.5
  • Hitachi Tuning Manager for Windows 8.8.4
  • Hitachi Vantara Pentaho Data Integration and Analytics 9.5.0.0
  • Hitachi Vantara Pentaho Data Integration and Analytics 9.3.0.4
  • Hitachi Energy Relion 670 2.2.0
  • Hitachi Energy Relion 670 series 2.2.1
  • Hitachi Energy Relion 670 series 2.2.2
  • Hitachi Energy Relion 670 series 2.2.2.5
  • Hitachi Energy Relion 670 series 2.2.3
  • Hitachi Energy Relion 670 series 2.2.3.6
  • Hitachi Energy Relion 670 series 2.2.4
  • Hitachi Energy Relion 650 series 2.2.4
  • Hitachi Energy Relion 670 series 2.2.4.3
  • Hitachi Energy Relion 650 series 2.2.4.3
  • Hitachi Energy Relion 650 series 2.2.5
  • Hitachi Energy Relion 670 series 2.2.5
  • Hitachi Energy Relion SAM600-IO series 2.2.5
  • Hitachi Energy Relion SAM600-IO series 2.2.5.5
  • Hitachi Energy Relion 670 series 2.2.5.5
  • Hitachi Energy Relion 650 series 2.2.5.5
  • Hitachi Energy Relion 650 series 2.2.1
  • Hitachi Energy Relion SAM600-IO series 2.2.1

Remediation

Refer to the Hitachi Security Advisory for patch, upgrade, or suggested workaround information.

  • CVE-2024-2244
  • CVE-2024-21840
  • CVE-2023-6457
  • CVE-2023-3517
  • CVE-2023-4518