#VU70767 Cryptographic issues in Hitachi Energy Server applications
Vulnerability identifier: #VU70767
Vulnerability risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-310
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
FOXMAN-UN R16A
Server applications /
Other server solutions
FOXMAN-UN R15B
Server applications /
Other server solutions
FOXMAN-UN R15A
Server applications /
Other server solutions
FOXMAN-UN R14B
Server applications /
Other server solutions
FOXMAN-UN R14A
Server applications /
Other server solutions
FOXMAN-UN R11B
Server applications /
Other server solutions
FOXMAN-UN R11A
Server applications /
Other server solutions
FOXMAN-UN R10C
Server applications /
Other server solutions
FOXMAN-UN R9C
Server applications /
Other server solutions
Vendor: Hitachi Energy
Description
The vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected products use a DES implementation with a default key for encryption. A local attacker can obtain sensitive information and gain access to network elements managed by the FOXMAN-UN.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
FOXMAN-UN R16A: All versions
FOXMAN-UN R15B: All versions
FOXMAN-UN R15A: All versions
FOXMAN-UN R14B: All versions
FOXMAN-UN R14A: All versions
FOXMAN-UN R11B: All versions
FOXMAN-UN R11A: All versions
FOXMAN-UN R10C: All versions
FOXMAN-UN R9C: All versions
External links
http://search.abb.com/library/Download.aspx?DocumentID=8DBD000083&LanguageCode=en&DocumentPartId=&Action=Launch
http://www.cisa.gov/uscert/ics/advisories/icsa-23-005-02
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
