CVE-2024-41156

Profile files from TRO600 series radios are extracted in plain-text
and encrypted file formats. Profile files provide potential attackers
valuable configuration information about the Tropos network. Profiles
can only be exported by authenticated users with higher privilege of write access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.7 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Hitachi EnergyCNA
2.7 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
hitachienergytro610_firmware
9.1.0.0 ≤
𝑥
< 9.2.0.5
hitachienergytro620_firmware
9.1.0.0 ≤
𝑥
< 9.2.0.5
hitachienergytro670_firmware
9.1.0.0 ≤
𝑥
< 9.2.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000147&LanguageCode=en&DocumentPartId=&Action=launch