1. EXECUTIVE SUMMARY
- CVSS v3 7.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: TRO600 Series
- Vulnerabilities: Command Injection, Improper Removal of Sensitive Information Before Storage or Transfer
2. RISK EVALUATION
Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensively than the write privilege intends. Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with write access.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following products of Hitachi Energy are affected:
- Hitachi Energy TRO600 series firmware versions: 9.0.1.0 – 9.2.0.0 (CVE-2024-41156)
- Hitachi Energy TRO600 series firmware versions: 9.1.0.0 – 9.2.0.0 (CVE-2024-41153)
3.2 Vulnerability Overview
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND (‘COMMAND INJECTION’) CWE-77
Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive than what the write privilege intends.
CVE-2024-41153 has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been assigned; the CVSS vector string is (This article has been indexed from All CISA Advisories