CVE-2024-11499
Published: 25 March 2025
Summary
CVE-2024-11499 is a medium-severity NULL Pointer Dereference (CWE-476) vulnerability in Hitachienergy (inferred from references). Its CVSS base score is 6.9 (Medium).
Operationally, ranked at the 40.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-54521
Vulnerability details
A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections. The affected CMU…
more
will automatically recover itself if an attacker successfully exploits this vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.