SB2025052609 - Multiple vulnerabilities in Hitachi Energy RTU500 Series

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Cross-site scripting (CVE-ID: CVE-2023-5767)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the webserver within the RDT language file. A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

2) Input validation error (CVE-ID: CVE-2023-5768)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the HCI IEC 60870-5-104. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

3) Cross-site scripting (CVE-ID: CVE-2023-5769)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the webserver. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Remediation

Install update from vendor's website.

References

• https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true
• https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-02