Hitachi Energy is aware of a buffer overflow vulnerability that affects e-mesh EMS product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages (denial of service) and possible arbitrary code execution. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.
The following versions of Hitachi Energy e-mesh EMS are affected:
Hitachi Energy e-mesh EMS 4.1.6, 4.4.2, 4.7.0
Vendor
Equipment
Hitachi Energy
Hitachi Energy e-mesh EMS
Heap-based Buffer Overflow
Critical Infrastructure Sectors: Energy
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Switzerland
NGINX Plus and NGINX Open Source used in e-mesh EMS have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewri...