PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-28023 Hitachi Energy CVE debrief

CVE-2024-28023 affects Hitachi Energy UNEM and centers on the product’s message queueing mechanism. According to the advisory corpus, successful abuse could expose resources or functionality to unintended actors and may lead to sensitive information disclosure or, in the worst case, arbitrary code execution. The issue was publicly documented on 2024-06-11 and is scored Medium (CVSS 5.7).

Vendor: Hitachi Energy
Product: UNEM
CVSS: MEDIUM 5.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-06-11
Original CVE updated: 2024-10-29
Advisory published: 2024-06-11
Advisory updated: 2024-10-29

Who should care

Operators, maintainers, and integrators using Hitachi Energy UNEM R16B PC2, R15B PC4, R16A, R15A, or older releases should review this issue. It is especially relevant for industrial-control environments where local administrative access exists, privileged accounts are shared, or patching is delayed.

Technical summary

The advisory describes a flaw in UNEM’s message queueing mechanism that can let unintended actors reach resources or functionality they should not access. The published CVSS vector (AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L) indicates that exploitation requires local access (AV:L) and high privileges (PR:H) but no user interaction (UI:N), that the impact can extend beyond the vulnerable component (S:C, changed scope), and that the rated impact on each of confidentiality, integrity, and availability is low (C:L/I:L/A:L). The supplied corpus does not provide exploit details, only the impact profile and vendor remediation guidance.

Defensive priority

Medium priority: plan remediation promptly, but the local-access/high-privilege requirements mean the most urgent attention should go to systems where privileged access is broad or poorly controlled.

Recommended defensive actions

  • Update affected UNEM systems to the vendor-fixed releases where available: R16B PC4 is the recommended target for R16B PC2; R15B PC5 is the planned target for R15B PC4 once released.
  • For R16A, R15A, and releases older than R15A, plan migration to supported versions because the advisory states no remediation will be available for EOL versions.
  • Apply the vendor’s general mitigation factors and CISA ICS recommended practices, including least privilege, access restriction, segmentation, and defense-in-depth.
  • Review which hosts and accounts can reach UNEM’s local management and message-queueing functions, and reduce unnecessary privileged access paths.
  • Validate patching and mitigation changes in a maintenance window before broad rollout, especially in operational environments where service disruption is costly.

Evidence notes

This debrief is based only on the supplied CISA CSAF advisory record for ICSA-25-030-01/CVE-2024-28023 and the linked Hitachi Energy advisory preview. The advisory lists affected products as UNEM R16B PC2, R15B PC4, R16A, R15A, and older than R15A. Remediation entries state that R16B PC3 was fixed, R16B PC4 is the recommended update, R15B PC5 is under development, and EOL versions have no remediation planned. The supplied enrichment marks this as not in CISA KEV, and no known ransomware campaign use is provided.

Official resources

Publicly disclosed in the CISA CSAF advisory and referenced vendor advisory on 2024-06-11. No KEV listing is present in the supplied data.