Hitachi Energy TRO600
Plan Patch7.2ICS-CERT ICSA-24-317-02Nov 12, 2024
Attack VectorNetwork
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary
Hitachi Energy TRO600 series routers contain command injection vulnerabilities in the edge computing functionality (CVE-2024-41153) and configuration utility (CVE-2024-41156). Affected firmware versions 9.0.1.0 through 9.2.0.0 allow an authenticated administrator to execute arbitrary system commands on the device. No known public exploitation has been reported.
What this means
What could happen
An attacker with administrative credentials could execute arbitrary system commands on the TRO600 router, potentially disrupting energy distribution operations or altering network routing and control traffic.
Who's at risk
Hitachi Energy TRO600 series routers used in electric utility SCADA networks and energy distribution systems. Organizations operating these devices for network edge computing or configuration management should prioritize assessment and remediation.
How it could be exploited
An attacker with administrator-level access to the TRO600 management interface (either the edge computing functionality or configuration utility) can inject commands that the device executes with system privileges. This requires the attacker to already be authenticated or to compromise valid administrative credentials.
Prerequisites
- Valid administrator credentials for TRO600 management interface
- Network access to the TRO600 management port
- Affected firmware version (9.0.1.0 through 9.2.0.0)
High severity vulnerabilityRequires high privileges but leads to full system compromiseCould disrupt energy distribution operationsAffects industrial routers in critical infrastructure
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Hitachi Energy TRO600 series firmware versions: >=9.1.0.0|<=9.2.0.0≥ 9.1.0.0|≤ 9.2.0.09.2.0.5
Hitachi Energy TRO600 series firmware versions: >=9.0.1.0|<=9.2.0.0≥ 9.0.1.0|≤ 9.2.0.09.2.0.5
Remediation & Mitigation
0/5
Do now
0/1WORKAROUNDRestrict network access to the TRO600 management interface using firewall rules; expose only essential ports
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate Hitachi Energy TRO600 series firmware to version 9.2.0.5 or later
Long-term hardening
0/3HARDENINGEnsure TRO600 devices are not directly connected to the Internet and are separated from business networks by a firewall
HARDENINGImplement administrator credential management and restrict who can access the TRO600 management interface
HARDENINGScan portable computers and removable media for malware before connecting to the control network
CVEs (2)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/a430178f-9fca-4924-9f42-9ddaab4e59c0