PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-28021 Hitachi Energy CVE debrief

CVE-2024-28021 affects Hitachi Energy UNEM and is described as a flaw in the UNEM server/APIGateway that could allow unintended commands or code execution on the UNEM server. CISA rates the issue CVSS 8.0 HIGH, and Hitachi Energy lists multiple affected UNEM releases with version-specific remediation guidance.

Vendor
Hitachi Energy
Product
UNEM
CVSS
HIGH 8.0 (CVSS 3.1 base score from the published vector)
CISA KEV
Not listed in stored evidence
Original CVE published
2024-06-11
Original CVE updated
2024-10-29
Advisory published
2024-06-11
Advisory updated
2024-10-29

Who should care

Operators, integrators, and defenders responsible for Hitachi Energy UNEM deployments, especially in industrial control or OT environments. Priority is highest for systems running UNEM R16B PC2, R15B PC4, R16A, R15A, or any version older than R15A.

Technical summary

The advisory describes a vulnerability in the UNEM server/APIGateway that may permit unintended commands or code execution on the UNEM server. The published CVSS vector is CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N, which scores 8.0 (High): the attacker must sit on a logically adjacent network such as the same subnet or management zone as the UNEM server (AV:A), the attack complexity is high, meaning conditions outside the attacker's control must hold (AC:H), no privileges or user interaction are required (PR:N, UI:N), scope changes, so the compromised component can affect resources beyond the APIGateway itself (S:C), and the impact is high on confidentiality and integrity with no availability impact (C:H, I:H, A:N).

Defensive priority

High. The flaw can yield command or code execution on the UNEM server, a vendor OT/ICS product, and the R16A, R15A and pre-R15A releases among the affected versions are end of life with no remediation planned. Apply the vendor's recommended updates and mitigating factors as soon as operationally feasible; for the EOL versions only migration to a remediated release removes the exposure.

Recommended defensive actions

  • For UNEM R16B PC2, update to the vendor-fixed release UNEM R16B PC4 and apply the general mitigating factors.
  • For UNEM R15B PC4, plan migration to UNEM R15B PC5 when it becomes available and apply the general mitigating factors in the meantime.
  • For UNEM R16A, R15A, and any version older than R15A, migrate to a supported, remediated release; the advisory states that no remediation will be provided for these end-of-life versions.
  • Because the vector is adjacent-network (AV:A), review which networks can reach the UNEM server/APIGateway (management VLANs, jump hosts, VPN zones) and restrict that reach to trusted management paths only.
  • Follow CISA and vendor ICS defense-in-depth guidance for segmentation, least privilege, and monitoring of OT management interfaces.
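The first step in the actions above is knowing which of the listed releases each deployment runs. The following added example (not Hitachi Energy or CISA tooling) parses UNEM release strings and maps each to the action prescribed for it in this debrief. It assumes release strings take the form 'R<major><letter>' with an optional ' PC<n>' patch level, as written in the advisory; the hostnames in the sample inventory are constructed, and the 'verify' status for older PC levels of an affected line is this example's own conservative assumption, not a statement from the advisory.

```python
"""Release triage for the UNEM versions named in this debrief.

Added example, not vendor or CISA tooling. Assumes release strings look like
'R16B PC2' or 'R16A'; anything else is rejected rather than guessed at.
"""
import re
from dataclasses import dataclass

RELEASE_RE = re.compile(
    r"^\s*R(?P<major>\d+)(?P<letter>[A-Za-z])(?:\s*PC(?P<pc>\d+))?\s*$", re.IGNORECASE
)


@dataclass(frozen=True)
class Release:
    major: int
    letter: str
    pc: int  # 0 when the string carries no PC level

    @classmethod
    def parse(cls, text: str) -> "Release":
        m = RELEASE_RE.match(text)
        if not m:
            raise ValueError(f"unrecognised UNEM release string: {text!r}")
        return cls(int(m["major"]), m["letter"].upper(), int(m["pc"] or 0))

    @property
    def line(self) -> tuple:
        """Release line without the PC level, e.g. (16, 'B') for R16B PC2."""
        return (self.major, self.letter)


# Versions the advisory names, with the action recommended in this debrief.
FIX_PATH = {
    (16, "B", 2): "update to UNEM R16B PC4 and apply the general mitigating factors",
    (15, "B", 4): "plan migration to UNEM R15B PC5 when available; apply the general "
                  "mitigating factors in the meantime",
}
EOL_LINES = {(16, "A"), (15, "A")}  # named as EOL; everything older than R15A is EOL too
EOL_ACTION = "EOL, no remediation planned: migrate to a supported remediated release"


def triage(text: str) -> tuple:
    """Classify one UNEM release string as (status, action).

    status: 'affected' (named, fix path exists), 'eol' (named or older than R15A,
    no remediation), 'verify' (older PC level of an affected line; assumption:
    treat as likely affected until the advisory says otherwise), 'unlisted'.
    """
    r = Release.parse(text)
    key = (r.major, r.letter, r.pc)
    if key in FIX_PATH:
        return "affected", FIX_PATH[key]
    if r.line in EOL_LINES or r.line < (15, "A"):
        return "eol", EOL_ACTION
    for (major, letter, pc) in FIX_PATH:
        if r.line == (major, letter) and r.pc < pc:
            return "verify", (f"older PC level of affected line R{major}{letter}; "
                              "confirm against the advisory before treating as unaffected")
    return "unlisted", "not named in the advisory; confirm current status with the vendor"


def sweep(inventory: dict) -> dict:
    """Triage a hostname -> release-string inventory; unparsable entries are reported, not dropped."""
    results = {}
    for host, version in inventory.items():
        try:
            results[host] = triage(version)
        except ValueError as exc:
            results[host] = ("error", str(exc))
    return results


# Constructed sample inventory: hostnames are illustrative, versions come from the advisory.
SAMPLE_INVENTORY = {
    "unem-prod-01": "R16B PC2",
    "unem-prod-02": "r15b pc4",
    "unem-lab-01": "R16A",
    "unem-legacy": "R14B PC3",
    "unem-staging": "R16B PC4",
    "unem-test": "16B",
}

if __name__ == "__main__":
    for host, (status, action) in sweep(SAMPLE_INVENTORY).items():
        print(f"{host:14} {status:9} {action}")
```

The sweep deliberately never returns "safe": a version the advisory does not name comes back as 'unlisted' or 'verify', and a string the parser cannot read is surfaced as an error rather than silently skipped, since an inventory gap on an OT management server is exactly what a triage run should expose.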

Evidence notes

Source evidence comes from the CISA CSAF advisory ICSA-25-030-01 and the linked Hitachi Energy notice. The advisory explicitly identifies affected products as UNEM R16B PC2, UNEM R15B PC4, UNEM R16A, UNEM R15A, and UNEM older than R15A, and it states that the flaw could allow unintended commands or code execution on the UNEM server. The published CVSS vector is CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N.

Official resources

CVE-2024-28021 was published on 2024-06-11; the stored CISA CSAF advisory is ICSA-25-030-01, revision 1.0.0. In the supplied corpus the source advisory and the referenced Hitachi Energy notice both carry that same date. Note that CISA's ICSA identifiers encode the release date as two-digit year and day of year, so ICSA-25-030-01 corresponds to a CISA release on 2025-01-30; the 2024-06-11 date reflects the CVE and vendor publication, and the corpus dates should be reconciled against the live advisory before being relied on.