CISA

Hitachi Energy e-mesh EMS

From Cybersecurity and Infrastructure Security Agency ↗

Hitachi Energy is aware of a buffer overflow vulnerability that affects e-mesh EMS product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages (denial of service) and possible arbitrary code execution. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.

The following versions of Hitachi Energy e-mesh EMS are affected:

Hitachi Energy e-mesh EMS 4.1.6, 4.4.2, 4.7.0

Vendor

Equipment

Hitachi Energy

Hitachi Energy e-mesh EMS

Heap-based Buffer Overflow

Critical Infrastructure Sectors: Energy

Countries/Areas Deployed: Worldwide

Company Headquarters Location: Switzerland

NGINX Plus and NGINX Open Source used in e-mesh EMS have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewri...