Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
Hitachi Energy RTU500 安全漏洞
Vulnerability Description
Hitachi Energy RTU500是瑞士日立能源(Hitachi)公司的一系列工控组件。 Hitachi Energy RTU500系列版本存在安全漏洞,该漏洞源于如果启用并配置了 HCI Modbus TCP,攻击者可以利用该漏洞通过向 RTU500 高速发送特制消息,导致目标 RTU500 CMU 重启。
CVSS Information
N/A
Vulnerability Type
N/A