Rewterz Threat Advisory – ICS: Hitachi Energy RTU500 Series Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-6711

Hitachi Energy RTU500 series products are vulnerable to a denial of service, caused by a buffer overflow in the SCI IEC 60870-5-104 and HCI IEC 60870-5-104 components. By sending specially crafted messages, a remote attacker could exploit this vulnerability to cause the device to reboot.

Impact

• Denial of Service
• Buffer Overflow

Indicators Of Compromise

CVE

• CVE-2023-6711

Affected Vendors

Hitachi

Affected Products

• Hitachi Energy RTU500 series CMU Firmware 13.3.2
• Hitachi Energy RTU500 series CMU Firmware 12.0.1
• Hitachi Energy RTU500 series CMU Firmware 12.2.1
• Hitachi Energy RTU500 series CMU Firmware 12.4.1
• Hitachi Energy RTU500 series CMU Firmware 12.6.1
• Hitachi Energy RTU500 series CMU Firmware 12.7.1
• Hitachi Energy RTU500 series CMU Firmware 13.2.1
• Hitachi Energy RTU500 series CMU Firmware 13.4.1
• Hitachi Energy RTU500 series CMU Firmware 12.0.14
• Hitachi Energy RTU500 series CMU Firmware 12.2.11
• Hitachi Energy RTU500 series CMU Firmware 12.4.11
• Hitachi Energy RTU500 series CMU Firmware 12.6.9
• Hitachi Energy RTU500 series CMU Firmware 12.7.6
• Hitachi Energy RTU500 series CMU Firmware 13.2.6
• Hitachi Energy RTU500 series CMU Firmware 13.4.3

Remediation

Refer to Hitachi Energy Security Advisory for patch, upgrade or suggested workaround information.

Hitachi Energy Security Advisory