216.73.216.133

CVE-2024-11499

· Published 25/03/2025 13:15 · Modified 25/03/2025 13:15

Labels: CVE-2024-11499 2025-03-25CVE-2024-11499CWE-476[email protected]

Essential information

Published
25/03/2025 13:15
Modified
25/03/2025 13:15
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections. The affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
hitachi energy / rtu500 cpe:2.3:a:hitachi_energy:rtu500:*:*:*:*:*:*:*:*

References