CVE-2022-29492 : Vulnerability Insights and Analysis

A vulnerability exists in the handling of a malformed IEC 104 TCP packet in Hitachi Energy's MicroSCADA X SYS600 and MicroSCADA Pro SYS600. This page covers its impact, technical details, and mitigation steps.

Understanding CVE-2022-29492

This CVE describes an Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in Hitachi Energy's MicroSCADA X SYS600 and MicroSCADA Pro SYS600.

What is CVE-2022-29492?

The vulnerability allows an attacker to send a malformed IEC 104 TCP packet, which can lead to a denial-of-service by leaving the TCP connection open.

The Impact of CVE-2022-29492

The base severity of this CVE is rated as MEDIUM with a base score of 5.3. The attack complexity is LOW, and the availability impact is LOW. The vulnerability affects versions of Hitachi Energy's MicroSCADA Pro SYS600 up to 9.4 FP2 Hotfix 4 and MicroSCADA X SYS600 up to version 10.3.1.

Technical Details of CVE-2022-29492

Vulnerability Description

When the affected software receives a malformed IEC 104 TCP packet, it drops the packet but leaves the TCP connection open, potentially leading to a denial-of-service scenario.

Affected Systems and Versions

The vulnerability impacts Hitachi Energy's MicroSCADA Pro SYS600 versions up to 9.4 FP2 Hotfix 4 and MicroSCADA X SYS600 versions up to 10.3.1.

Exploitation Mechanism

The vulnerability is exploited by sending a malformed IEC 104 TCP packet, which can cause a denial-of-service if the connection is left open.
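The handling pattern that avoids the condition described above, shown as an added example that is not code from Hitachi Energy or its advisory: validate the IEC 60870-5-104 APCI header and close the connection when a frame is malformed, rather than dropping the frame and keeping the socket. The names `parse_apci`, `MalformedFrame` and `Session` are hypothetical, and the sample frames are constructed.

```python
START = 0x68               # APCI start octet (IEC 60870-5-104)
MIN_LEN, MAX_LEN = 4, 253  # APDU length field: control field only .. maximum

class MalformedFrame(Exception):
    """Raised for bytes that can never form a valid APCI."""

def parse_apci(buf: bytes):
    """Return (type, apdu, rest), None if more bytes are needed, or raise."""
    if buf and buf[0] != START:
        raise MalformedFrame("bad start octet")
    if len(buf) < 2:
        return None
    length = buf[1]
    if not MIN_LEN <= length <= MAX_LEN:
        raise MalformedFrame("length field out of range")
    if len(buf) < 2 + length:
        return None
    first = buf[2]  # low bits of the first control octet select the format
    ftype = "I" if first & 0x01 == 0 else ("S" if first & 0x03 == 0x01 else "U")
    if ftype != "I" and length != MIN_LEN:
        raise MalformedFrame("S/U frame must not carry an ASDU")
    return ftype, buf[2:2 + length], buf[2 + length:]

class Session:
    """Hypothetical per-connection state; names are illustrative only."""
    def __init__(self):
        self.buf, self.open, self.frames = b"", True, []

    def feed(self, data: bytes) -> bool:
        """Consume received bytes; False means the caller must close the socket."""
        if not self.open:
            return False
        self.buf += data
        try:
            while (parsed := parse_apci(self.buf)) is not None:
                ftype, _apdu, self.buf = parsed
                self.frames.append(ftype)
        except MalformedFrame:
            # Fail closed: dropping the frame but keeping the connection
            # is the behaviour the CVE describes.
            self.open, self.buf = False, b""
        return self.open

if __name__ == "__main__":
    s = Session()  # constructed frames: STARTDT act (U), then a length-2 APCI
    print(s.feed(bytes.fromhex("680407000000")), s.feed(bytes.fromhex("6802ffff")))
```

A frame that starts validly but never completes keeps returning `None`, so a server using this pattern would also need a read timeout on the connection.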

Mitigation and Prevention

Immediate Steps to Take

Apply general mitigation factors as specified in the advisory to reduce the risk of exploitation.

Long-Term Security Practices

Upgrade to at least SYS600 version 10.4 for both MicroSCADA Pro SYS600 and MicroSCADA X SYS600 to remediate the vulnerability.

Patching and Updates

Hitachi Energy has released SYS600 version 10.4 to address CVE-2022-29492. Upgrading to at least SYS600 version 10.4 is recommended for both MicroSCADA Pro SYS600 and MicroSCADA X SYS600.