CVE-2023-6711 — MEDIUM (5.9)

Q: How severe is CVE-2023-6711?

CVE-2023-6711 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-6711?

Check the references section above for vendor advisories and patch information. Affected products include: Hitachienergy Rtu500 Firmware, Hitachienergy Rtu500.

Vulnerability Description

Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Hitachienergy	Rtu500 Firmware	>= 12.0.1.0, < 12.0.15.0
Hitachienergy	Rtu500	-

Related Weaknesses (CWE)

CWE-120

References

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000184&languageCode=eVendor Advisory
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000184&languageCode=eVendor Advisory

FAQ

What is CVE-2023-6711?

CVE-2023-6711 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not va...

How severe is CVE-2023-6711?

CVE-2023-6711 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-6711?

Check the references section above for vendor advisories and patch information. Affected products include: Hitachienergy Rtu500 Firmware, Hitachienergy Rtu500.