Rtu500 Firmware
CVE-2022-28613
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is en-abled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot. The vulnerability is caused by the validation error in the length information carried in MBAP header in the HCI Modbus TCP function.
AnalysisAI
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-1284. A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is en-abled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the receiving RTU500 CMU to reboot. The vulnerability is caused by the validation error in the length information carried in MBAP header in the HCI Modbus TCP function. Affected products include: Abb Rtu500 Firmware, Hitachienergy Rtu500 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Rtu500 Firmware
View allVulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions list
Improper Input Validation vulnerability in the APDU parser in the Bidirectional Communication Interface (BCI) IEC 60870-
Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today