Hitachi Energy RTU500 series CMU Buffer Copy Without Checking Size of Input (CVE-2023-6711)

Severity: High. Tenable OT Security Plugin ID: 501852

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below.
Specially crafted messages sent to the mentioned components are not validated properly and can result in a buffer overflow and, as a final consequence, a reboot of an RTU500 CMU.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Hitachi Energy recommends that users update to the respective series CMU firmware version listed below.

- Hitachi Energy RTU500 series CMU Firmware 12.0.15
- Hitachi Energy RTU500 series CMU Firmware 12.2.12
- Hitachi Energy RTU500 series CMU Firmware 12.4.12
- Hitachi Energy RTU500 series CMU Firmware 12.6.10
- Hitachi Energy RTU500 series CMU Firmware 12.7.7
- Hitachi Energy RTU500 series CMU Firmware 13.2.7
- Hitachi Energy RTU500 series CMU Firmware 13.4.4
- Hitachi Energy RTU500 series CMU Firmware 13.5.2

Hitachi Energy also recommends that users follow the "Remote Terminal Units Security Deployment Guideline" and apply the mitigation described below.

Hitachi Energy recommends that users implement recommended security practices and firewall configurations to help protect the process control network from attacks originating from outside the network. Process control systems should be physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and be separated from other networks by means of a firewall system with a minimal number of ports exposed. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.

For more information, see Hitachi Energy Cybersecurity Advisory "DoS Vulnerability in Hitachi Energy's RTU500 series products".

For additional information and support, please contact your product provider or Hitachi Energy service organization at https://www.hitachienergy.com/contact-us/.

See Also

http://www.nessus.org/u?b9d308d7

https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-01

Plugin Details

Severity: High

ID: 501852

File Name: tenable_ot_abb_CVE-2023-6711.nasl

Version: 1.3

Type: remote

Family: Tenable.ot

Published: 1/2/2024

Updated: 2/14/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-6711

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:hitachienergy:rtu500_firmware:13, cpe:/o:hitachienergy:rtu500_firmware:13.5.1.0, cpe:/o:hitachienergy:rtu500_firmware:12

Required KB Items: Tenable.ot/ABB

Exploit Ease: No known exploits are available

Patch Publication Date: 12/19/2023

Vulnerability Publication Date: 12/19/2023

Reference Information

CVE: CVE-2023-6711

CWE: 120, 20