#VU69736 Cleartext storage of sensitive information in Hitachi Energy Other software


Published: 2022-11-30

Vulnerability identifier: #VU69736

Vulnerability risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2513

CWE-ID: CWE-312

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
PCM600 Update Manager
Other software / Other software solutions
670 Connectivity Package
Other software / Other software solutions
650 Connectivity Package
Other software / Other software solutions
SAM600-IO Connectivity Package
Other software / Other software solutions
GMS600 Connectivity Package
Other software / Other software solutions
PWC600 Connectivity Package
Other software / Other software solutions

Vendor: Hitachi Energy

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists because user credentials are stored in plaintext in the database used by the credential storage function of the Intelligent Electronic Device (IED) Connectivity Package (ConnPack). A local attacker can obtain IED credentials.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

PCM600 Update Manager: 2.11

670 Connectivity Package: 3.0 - 3.4.1

650 Connectivity Package: 1.3 - 2.4.1

SAM600-IO Connectivity Package: 1.0 - 1.2

GMS600 Connectivity Package: 1.3 - 1.3.1

PWC600 Connectivity Package: 1.1 - 1.3


External links
http://search.abb.com/library/Download.aspx?DocumentID=8DBD000120&LanguageCode=en&DocumentPartId=&Action=Launch
http://www.cisa.gov/uscert/ics/advisories/icsa-22-333-02


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

