
[CIVN-2026-0142] Radius MD5 Vulnerability in Hitachi Energy XMC20 product
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Systems Affected
XMC20 version R18
XMC20 version R17A and prior
Overview
A vulnerability in the RADIUS protocol affects the Hitachi Energy XMC20 series of industrial telecommunication network elements. An unauthenticated attacker can exploit this vulnerability to perform forgery attacks, impacting the confidentiality, integrity and availability of the system.
Target Audience:
Organizations using Hitachi Electric's XMC20 series of network elements for industrial telecommunication.
Risk Assessment:
High risk of data disclosure, alteration and service disruption.
Impact Assessment:
Potential High impact on Confidentiality, Integrity and Availability of the System.
Description
XMC20 series of products are multi-service telecommunication network elements designed for mission-critical access and transport networks in industrial environments.
The vulnerability exists in the RADIUS protocol due to improper validation of integrity checks and improper enforcement of message integrity during transmission.
An unauthenticated attacker could exploit this vulnerability by modifying a valid RADIUS authentication response into any other response, using a chosen-prefix collision attack against the MD5 Response Authenticator signature. This could lead to unauthorized access, data disclosure, data alteration or service disruption on affected devices.
Workaround
Hitachi Electric recommends following the General Mitigations/Workarounds available at:
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000233&LanguageCode=en
Solution
Upgrade the affected product to version R18 and enable the RADIUS Message-Authenticator option in the RADIUS configuration of the XMC20 and the RADIUS Server.
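The check that the Message-Authenticator option adds on the client side, as an added example that is not code from Hitachi Energy or CERT-In: a response must carry a valid HMAC-MD5 Message-Authenticator (RFC 3579) in addition to the plain-MD5 Response Authenticator (RFC 2865). The shared secret, Request Authenticator and helper names are constructed for illustration.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-shared-secret"  # constructed sample value
REQ_AUTH = bytes(range(16))            # constructed Request Authenticator
MSG_AUTH = 80                          # Message-Authenticator attribute type

def attr(attr_type, value):
    return bytes([attr_type, len(value) + 2]) + value

def build_response(code, ident, attrs, with_ma=True):
    """Server side (hypothetical helper): build a signed response."""
    if with_ma:
        attrs = attr(MSG_AUTH, bytes(16)) + attrs  # zeroed placeholder first
    hdr = struct.pack("!BBH", code, ident, 20 + len(attrs))
    if with_ma:
        mac = hmac.new(SECRET, hdr + REQ_AUTH + attrs, hashlib.md5).digest()
        attrs = attr(MSG_AUTH, mac) + attrs[18:]
    resp_auth = hashlib.md5(hdr + REQ_AUTH + attrs + SECRET).digest()
    return hdr + resp_auth + attrs

def verify_response(pkt, req_auth, secret):
    """Client side: return "ok" or the reason the packet must be dropped."""
    if len(pkt) < 20 or struct.unpack("!H", pkt[2:4])[0] != len(pkt):
        return "bad length"
    hdr, attrs = pkt[:4], pkt[20:]
    # Legacy check: plain MD5 with the secret appended (the weak construction).
    legacy = hashlib.md5(hdr + req_auth + attrs + secret).digest()
    if not hmac.compare_digest(legacy, pkt[4:20]):
        return "bad Response Authenticator"
    i, ma_off = 0, None
    while i + 2 <= len(attrs):
        alen = attrs[i + 1]
        if alen < 2 or i + alen > len(attrs):
            return "malformed attribute"
        if attrs[i] == MSG_AUTH and alen == 18:
            ma_off = i
        i += alen
    if i != len(attrs):
        return "malformed attribute"
    if ma_off is None:
        return "missing Message-Authenticator"  # strict mode: never accept
    # HMAC-MD5 over the packet with the attribute's 16 value bytes zeroed.
    zeroed = attrs[:ma_off + 2] + bytes(16) + attrs[ma_off + 18:]
    expect = hmac.new(secret, hdr + req_auth + zeroed, hashlib.md5).digest()
    if not hmac.compare_digest(expect, attrs[ma_off + 2:ma_off + 18]):
        return "bad Message-Authenticator"
    return "ok"
```

A response that passes only the legacy MD5 check is dropped here, which is why the option has to be enabled on both the XMC20 and the RADIUS Server.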
Vendor Information
Hitachi Energy
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000233&LanguageCode=en
References
Hitachi Energy
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000233&LanguageCode=en
CISA
https://www.cisa.gov/news-events/ics-advisories/icsa-26-036-05
CVE Name
CVE-2024-3596
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


