This article details a critical vulnerability in Hitachi Energyβs AFS, AFR, and AFF series that can lead to data integrity issues and system disruptions. The flaw involves a forgery attack on the RADIUS protocol, affecting multiple product versions worldwide. #HitachiEnergy #CVE-2024-3596
Keypoints
- The vulnerability CVE-2024-3596 affects several Hitachi Energy product series including AFS, AFR, and AFF.
- The flaw allows local attackers to forge RADIUS protocol responses, risking data integrity and system availability.
- The vulnerability has a high severity score of 9 under CVSS v3, indicating critical risk.
- Organizations are advised to implement defensive measures such as network isolation and VPN use.
- No known public exploitation has been reported as of now, but proactive security practices are essential.
Read More: https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-03