1. EXECUTIVE SUMMARY
- CVSS v4 8.9
- ATTENTION: Exploitable remotely
- Vendor: Hitachi Energy
- Equipment: MACH SCM
- Vulnerabilities: Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in an execution of arbitrary code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of MACH SCM, are affected:
- MACH SCM: Versions 4.0 to 4.5.x
- MACH SCM: Versions 4.6 to 4.38
3.2 Vulnerability Overview
3.2.1 IMPROPER CONTROL OF GENERATION OF CODE CWE-94
SCM Software is a client and server application. An Authenticated System manager client can execute LINQ query in the SCM server, for customized filtering. An Authenticated malicious client can send a specially crafted code to skip the validation and execute arbitrary code (RCE) on the SCM Server remotely. Malicious clients can execute any command by using this RCE vulnerability.
CVE-2024-0400 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-0400. A base score of 8.9 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:L).