#VU103274 Improperly implemented security check for standard in RTU500 - CVE-2024-2617

Cybersecurity Help s.r.o.

Published: 2025-01-24

Vulnerability identifier: #VU103274

Vulnerability risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-2617

CWE-ID: CWE-358

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
RTU500
Hardware solutions / Firmware

Vendor: Hitachi Energy

Description

The vulnerability allows a remote user to bypass secure update.

The vulnerability exists due to improperly implemented security check for standard. A remote administrator can update the RTU500 with unsigned firmware.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

RTU500: 13.2.1 - 13.5.3

External links
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000199&languageCode=en&Preview=true
https://www.cisa.gov/news-events/ics-advisories/icsa-25-023-02

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improperly implemented security check for standard in Hitachi Energy RTU500 Series