#VU70769 Use of Hard-coded Cryptographic Key in Hitachi Energy products - CVE-2022-3928
Vulnerability identifier: #VU70769
Vulnerability risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-321
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
FOXMAN-UN R16A
Server applications /
Other server solutions
FOXMAN-UN R15B
Server applications /
Other server solutions
FOXMAN-UN R15A
Server applications /
Other server solutions
FOXMAN-UN R14B
Server applications /
Other server solutions
FOXMAN-UN R14A
Server applications /
Other server solutions
FOXMAN-UN R11B
Server applications /
Other server solutions
FOXMAN-UN R11A
Server applications /
Other server solutions
FOXMAN-UN R10C
Server applications /
Other server solutions
FOXMAN-UN R9C
Server applications /
Other server solutions
Vendor: Hitachi Energy
Description
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the message queue contains a hard-coded credential. A local attacker can access data from the internal message queue.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
FOXMAN-UN R16A: All versions
FOXMAN-UN R15B: All versions
FOXMAN-UN R15A: All versions
FOXMAN-UN R14B: All versions
FOXMAN-UN R14A: All versions
FOXMAN-UN R11B: All versions
FOXMAN-UN R11A: All versions
FOXMAN-UN R10C: All versions
FOXMAN-UN R9C: All versions
External links
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083&LanguageCode=en&DocumentPartId=&Action=Launch
https://www.cisa.gov/uscert/ics/advisories/icsa-23-005-02
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
