PatchSiren cyber security CVE debrief
CVE-2024-2012 Hitachi Energy CVE debrief
CVE-2024-2012 is a critical vulnerability in Hitachi Energy UNEM’s server/APIGateway that, if exploited, could allow unintended commands or code to execute on the UNEM server. The supplied CISA CSAF advisory lists multiple affected releases and notes both fixed and planned remediation paths. No CISA KEV entry is indicated in the provided enrichment.
- Vendor: Hitachi Energy
- Product: UNEM
- CVSS: CRITICAL 9.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-06-11
- Original CVE updated: 2024-10-29
- Advisory published: 2024-06-11
- Advisory updated: 2024-10-29
Who should care
Operators, integrators, and defenders responsible for Hitachi Energy UNEM deployments, especially environments running UNEM R16B PC2, R15B PC4, R16A, R15A, or versions older than R15A.
Technical summary
The source corpus describes a vulnerability in the UNEM server / APIGateway that could permit unintended commands or code execution on the UNEM server. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H, which indicates network reachability, low attack complexity, high privileges required, no user interaction, and severe impact if successfully exploited. The advisory identifies affected UNEM product lines and provides version-specific remediation guidance.
Defensive priority
Critical / urgent. Prioritize exposure review and upgrade planning for affected UNEM deployments, with immediate attention to supported fixed releases and migration off EOL versions.
Recommended defensive actions
- Update supported deployments to the vendor-fixed release path noted in the advisory: UNEM R16B PC4 is recommended, and the advisory states R16B PC3 contains the fix.
- For UNEM R15B PC4, plan to move to UNEM R15B PC5 when available; the advisory says it is under development.
- Treat UNEM R16A, R15A, and versions older than R15A as end-of-life with no remediation available; migrate to supported versions as soon as possible.
- Apply the vendor’s general mitigation factors and follow CISA ICS recommended practices and defense-in-depth guidance.
- Review access to the UNEM server/APIGateway and limit exposure to only the systems and users that require it, consistent with ICS hardening guidance.
Evidence notes
The source item is a CISA CSAF advisory for Hitachi Energy UNEM (ICSA-25-030-01) that explicitly lists affected versions and remediation. The advisory description states that exploitation could allow unintended commands or code to be executed on the UNEM server. The vendor reference and CISA advisory references in the corpus corroborate the issue and remediation path. The supplied corpus does not provide exploit details beyond the high-privilege CVSS context.
Official resources
- CVE-2024-2012 CVE record (CVE.org)
- CVE-2024-2012 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed on 2024-06-11 in the supplied CISA CSAF advisory and related official references. This debrief uses the published CVE date from the source corpus and does not infer any earlier issue date.