8.2
CVE-2024-1531
- EPSS 0.06%
- Veröffentlicht 27.03.2024 02:15:11
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle cybersecurity@hitachienergy.co
- CVE-Watchlists
- Unerledigt
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could print random memory content in the RTU500 system log, if an authorized user uploads a specially crafted stb-language file.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerHitachi Energy
≫
Produkt
RTU500 series CMU firmware
Default Statusunaffected
Version <=
12.0.14
Version
12.0.1
Status
affected
Version <=
12.2.11
Version
12.2.1
Status
affected
Version <=
12.4.11
Version
12.4.1
Status
affected
Version <=
12.6.9
Version
12.6.1
Status
affected
Version <=
12.7.6
Version
12.7.1
Status
affected
Version <=
13.2.6
Version
13.2.1
Status
affected
Version <=
13.4.4
Version
13.4.1
Status
affected
Version <=
13.5.3
Version
13.5.1
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.189 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cybersecurity@hitachienergy.com | 8.2 | 2.3 | 5.3 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.