Multiple vulnerabilities in Hitachi Energy TRO600
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-41156 CVE-2024-41153 |
| CWE-ID | CWE-77 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
TRO600 Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Hitachi Energy |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Command Injection
EUVDB-ID: #VU100443
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41156
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the Edge Computing UI. A remote administrator can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTRO600: 9.0.1.0 - 9.2.0.0
CPE2.3- cpe:2.3:h:hitachi_energy:tro600:*:*:*:*:*:*:*:*
- cpe:2.3:h:hitachi_energy:tro600:9.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:h:hitachi_energy:tro600:9.2.0.0:*:*:*:*:*:*:*
http://publisher.hitachienergy.com/preview?DocumentID=8DBD000147&LanguageCode=en&DocumentPartId=&Action=launch
http://www.cisa.gov/news-events/ics-advisories/icsa-24-317-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU100444
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41153
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to the profile files are extracted in plain-text and encrypted file formats. A remote administrator can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTRO600: 9.1.0.0 - 9.2.0.0
CPE2.3- cpe:2.3:h:hitachi_energy:tro600:*:*:*:*:*:*:*:*
- cpe:2.3:h:hitachi_energy:tro600:9.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:h:hitachi_energy:tro600:9.2.0.0:*:*:*:*:*:*:*
http://publisher.hitachienergy.com/preview?DocumentID=8DBD000147&LanguageCode=en&DocumentPartId=&Action=launch
http://www.cisa.gov/news-events/ics-advisories/icsa-24-317-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
