Vulnerability-Lookup

GHSA-8RV2-8C5X-G54V

Vulnerability from github – Published: 2024-04-30 15:30 – Updated: 2024-04-30 15:30

Details

A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned firmware.

Severity

7.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-2617"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-358"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-30T13:15:47Z",
    "severity": "HIGH"
  },
  "details": "\nA vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update. If a\nmalicious actor successfully exploits this vulnerability, they\ncould use it to update the RTU500 with unsigned firmware.\n\n",
  "id": "GHSA-8rv2-8c5x-g54v",
  "modified": "2024-04-30T15:30:37Z",
  "published": "2024-04-30T15:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2617"
    },
    {
      "type": "WEB",
      "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000199\u0026languageCode=en\u0026Preview=true"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-2617 (GCVE-0-2024-2617)

Vulnerability from cvelistv5 – Published: 2024-04-30 12:57 – Updated: 2026-03-04 12:02

Summary

A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature was not enabled on all CMUs of a RTU500. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned firmware.

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-358 - Improperly Implemented Security Check for Standard

Assigner

Hitachi Energy

References

1 reference

URL	Tags
https://publisher.hitachienergy.com/preview?Docum…

Impacted products

4 products

Vendor	Product	Version
Hitachi Energy	RTU500 series CMU firmware	Affected: 13.2.1 , ≤ 13.2.7 (custom) Affected: 13.4.1 , ≤ 13.4.4 (custom) Affected: 13.5.1 , ≤ 13.5.3 (custom)
hitachienergy	rtu500_firmware	Affected: 13.2.1.0 , ≤ 13.2.7.0 (custom) cpe:2.3:o:hitachienergy:rtu500_firmware:13.2.1.0:::::::*
hitachienergy	rtu500_firmware	Affected: 13.4.1.0 , ≤ 13.4.4.0 (custom) cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1.0:::::::*
hitachienergy	rtu500_firmware	Affected: 13.5.1.0 , ≤ 13.5.3.0 (custom) cpe:2.3:o:hitachienergy:rtu500_firmware:13.5.1.0:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:hitachienergy:rtu500_firmware:13.2.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "rtu500_firmware",
            "vendor": "hitachienergy",
            "versions": [
              {
                "lessThanOrEqual": "13.2.7.0",
                "status": "affected",
                "version": "13.2.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "rtu500_firmware",
            "vendor": "hitachienergy",
            "versions": [
              {
                "lessThanOrEqual": "13.4.4.0",
                "status": "affected",
                "version": "13.4.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:hitachienergy:rtu500_firmware:13.5.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "rtu500_firmware",
            "vendor": "hitachienergy",
            "versions": [
              {
                "lessThanOrEqual": "13.5.3.0",
                "status": "affected",
                "version": "13.5.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2617",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-30T16:11:48.392692Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-358",
                "description": "CWE-358 Improperly Implemented Security Check for Standard",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:29:04.729Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:18:48.011Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000199\u0026languageCode=en\u0026Preview=true"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "RTU500 series CMU firmware",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "13.2.7",
              "status": "affected",
              "version": "13.2.1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "13.4.4",
              "status": "affected",
              "version": "13.4.1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "13.5.3",
              "status": "affected",
              "version": "13.5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, \n\nif secure update feature was not enabled on all\nCMUs of a RTU500. If a\nmalicious actor successfully exploits this vulnerability, they\ncould use it to update the RTU500 with unsigned firmware."
            }
          ],
          "value": "A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, \n\nif secure update feature was not enabled on all\nCMUs of a RTU500. If a\nmalicious actor successfully exploits this vulnerability, they\ncould use it to update the RTU500 with unsigned firmware."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-04T12:02:50.897Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000199\u0026languageCode=en\u0026Preview=true"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2024-2617",
    "datePublished": "2024-04-30T12:57:37.143Z",
    "dateReserved": "2024-03-18T17:44:43.352Z",
    "dateUpdated": "2026-03-04T12:02:50.897Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-8RV2-8C5X-G54V

CVE-2024-2617 (GCVE-0-2024-2617)

Tags

Sightings

Nomenclature