CVE-2025-1445
Published: 25 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-1445 is a vulnerability in the RTU IEC 61850 client and server functionality on the RTU500 device, specifically affecting the CMU where the IEC61850 stack is configured using TLS. The flaw occurs when renegotiation of an open IEC61850 TLS connection takes place in specific timing situations during active IEC61850 communication, potentially impacting availability. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-820.
Unauthenticated attackers with network access can exploit this vulnerability with low complexity and no user interaction. By initiating TLS renegotiation at precise timings while IEC61850 communication is active, they can disrupt service availability on the affected RTU500 device, resulting in a denial-of-service condition.
Mitigation guidance is available in the vendor advisory published by Hitachi Energy at https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true. The vulnerability was published on 2025-03-25.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables unauthenticated network attackers to trigger DoS via TLS renegotiation timing flaw in the IEC61850 stack, directly mapping to application/system exploitation causing endpoint denial of service.