ICSA-24-319-16

Vulnerability from csaf_cisa - Published: 2024-10-29 00:00 - Updated: 2026-05-05 06:00
Summary
Hitachi Energy MSM (Update A)
Severity
High
Notes
Summary: Hitachi Energy has assessed public reports of vulnerabilities initially believed to affect certain versions of the MSM product. Following further technical analysis and validation, Hitachi Energy has determined that the previously referenced product versions are not affected by these vulnerabilities. No customer action is required. Please consult the Recommended Immediate Actions Section for further advice.
Notice: The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energy provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Hitachi Energy or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if Hitachi Energy or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Hitachi Energy and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.
Support: For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, see https://www.hitachienergy.com/contact-us/ for Hitachi Energy contact-centers.
General Mitigation Factors: MSM is not intrinsically designed to be directly connected to the internet. Disconnect the device from any internet-facing network, if any installation has performed the same. It is recommended to adopt user access management controls and state-of-the-art antivirus software equipped with the latest signature rules on computers that have the MSM Client application installed and running. As an example, please use the operating system's (OS) built-in user access management functionality, if supported, to limit the probability of unauthorized access followed by rogue commands via MSM Client application. It is also recommended to follow the hardening guidelines published by the Center for Internet Security (CIS) https://www.cisecurity.org/about-us/ to protect the host operating system of computers that connect with MSM. This measure would then prevent the lateral movement of the attack vector into MSM via these connected devices. Some examples for Windows-based computers are listed here. 1) CIS Microsoft Windows Desktop Benchmarks (cisecurity.org) 2) CIS Microsoft Windows Server Benchmarks (cisecurity.org)
Critical infrastructure sectors: Energy
Countries/areas deployed: Worldwide
Company headquarters location: Switzerland
SSVC: SSVCv2/E:N/A:N/2026-04-22T14:47:49Z/
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Hitachi Energy PSIRT 8DBD000205 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Hitachi Energy PSIRT directly for any questions regarding this advisory.
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability. Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CVE-2024-2398

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.

8.6 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
CWE-772 - Missing Release of Resource after Effective Lifetime
Mitigation Hitachi Energy recommends following general mitigation factors. MSM is not intrinsically designed to be directly connected to the internet. Disconnect the device from any internet-facing network, if any installation has performed the same. It is recommended to adopt user access management controls and state-of-the-art antivirus software equipped with the latest signature rules on computers that have the MSM Client application installed and running. As an example, please use the operating system's (OS) built-in user access management functionality, if supported, to limit the probability of unauthorized access followed by rogue commands via MSM Client application. It is also recommended to follow the hardening guidelines published by the Center for Internet Security (CIS) https://www.cisecurity.org/about-us/ to protect the host operating system of computers that connect with MSM. This measure would then prevent the lateral movement of the attack vector into MSM via these connected devices. Some examples for Windows-based computers are listed here. 1) CIS Microsoft Windows Desktop Benchmarks (cisecurity.org) 2) CIS Microsoft Windows Server Benchmarks (cisecurity.org) Cybersecurity Advisory - Industrial Control Systems Cybersecurity Best Practices https://publisher.hitachienergy.com/preview?DocumentID=8DBD000235&LanguageCode=en&DocumentPartId=&Action=Launch
CVE-2019-5097

A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Mitigation Hitachi Energy recommends following general mitigation factors. MSM is not intrinsically designed to be directly connected to the internet. Disconnect the device from any internet-facing network, if any installation has performed the same. It is recommended to adopt user access management controls and state-of-the-art antivirus software equipped with the latest signature rules on computers that have the MSM Client application installed and running. As an example, please use the operating system's (OS) built-in user access management functionality, if supported, to limit the probability of unauthorized access followed by rogue commands via MSM Client application. It is also recommended to follow the hardening guidelines published by the Center for Internet Security (CIS) https://www.cisecurity.org/about-us/ to protect the host operating system of computers that connect with MSM. This measure would then prevent the lateral movement of the attack vector into MSM via these connected devices. Some examples for Windows-based computers are listed here. 1) CIS Microsoft Windows Desktop Benchmarks (cisecurity.org) 2) CIS Microsoft Windows Server Benchmarks (cisecurity.org) Cybersecurity Advisory - Industrial Control Systems Cybersecurity Best Practices https://publisher.hitachienergy.com/preview?DocumentID=8DBD000235&LanguageCode=en&DocumentPartId=&Action=Launch
References
Acknowledgments
Hitachi Energy
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Hitachi Energy",
        "summary": "reported these vulnerabilities to CISA."
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/specification-document",
      "text": "HIGH"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "Hitachi Energy has assessed public reports of vulnerabilities initially believed to affect certain versions of the MSM product. Following further technical analysis and validation, Hitachi Energy has determined that the previously referenced product versions are not affected by these vulnerabilities. No customer action is required. Please consult the Recommended Immediate Actions Section for further advice.",
        "title": "Summary"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energy provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Hitachi Energy or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if Hitachi Energy or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Hitachi Energy and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.",
        "title": "Notice"
      },
      {
        "category": "general",
        "text": "For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, see https://www.hitachienergy.com/contact-us/ for Hitachi Energy contact-centers.",
        "title": "Support"
      },
      {
        "category": "general",
        "text": "MSM is not intrinsically designed to be directly connected to the internet. Disconnect the device from any internet-facing network, if any installation has performed the same. It is recommended to adopt user access management controls and state-of-the-art antivirus software equipped with the latest signature rules on computers that have the MSM Client application installed and running. As an example, please use the operating system\u0027s (OS) built-in user access management functionality, if supported, to limit the probability of unauthorized access followed by rogue commands via MSM Client application.\nIt is also recommended to follow the hardening guidelines published by the Center for Internet Security (CIS) https://www.cisecurity.org/about-us/ to protect the host operating system of computers that connect with MSM. This measure would then prevent the lateral movement of the attack vector into MSM via these connected devices. Some examples for Windows-based computers are listed here. \n 1) CIS Microsoft Windows Desktop Benchmarks (cisecurity.org) \n 2) CIS Microsoft Windows Server Benchmarks (cisecurity.org)",
        "title": "General Mitigation Factors"
      },
      {
        "category": "other",
        "text": "Energy",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Switzerland",
        "title": "Company headquarters location"
      },
      {
        "category": "details",
        "text": "SSVCv2/E:N/A:N/2026-04-22T14:47:49Z/",
        "title": "SSVC"
      },
      {
        "category": "legal_disclaimer",
        "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
        "title": "Legal Notice and Terms of Use"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of Hitachi Energy PSIRT 8DBD000205 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact Hitachi Energy PSIRT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability. Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-319-16 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-319-16.json"
      },
      {
        "category": "self",
        "summary": "HTTP based Web Services Vulnerabilities in Hitachi Energy\u2019s MSM Product",
        "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000205\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=launch"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-319-16 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-16"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
      }
    ],
    "title": "Hitachi Energy MSM (Update A)",
    "tracking": {
      "current_release_date": "2026-05-05T06:00:00.000000Z",
      "generator": {
        "date": "2026-04-28T23:27:57.661932Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.5.0"
        }
      },
      "id": "ICSA-24-319-16",
      "initial_release_date": "2024-10-29T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2024-10-29T00:00:00.000000Z",
          "legacy_version": "Revision 1",
          "number": "1",
          "summary": "Initial public release."
        },
        {
          "date": "2024-11-14T07:00:00.000000Z",
          "legacy_version": "CISA Republication",
          "number": "2",
          "summary": "CISA Republication - Initial Publication"
        },
        {
          "date": "2026-04-28T00:00:00.000000Z",
          "legacy_version": "Revision 2",
          "number": "3",
          "summary": "Affected Products: None"
        },
        {
          "date": "2026-05-05T06:00:00.000000Z",
          "legacy_version": "CISA Update A",
          "number": "4",
          "summary": "CISA Republication update based on Hitachi Energy 8DBD000205 advisory"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:msm/*",
                "product": {
                  "name": "MSM all versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "MSM"
          }
        ],
        "category": "vendor",
        "name": "Hitachi Energy"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "description",
          "text": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application."
        }
      ],
      "product_status": {
        "known_not_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2024-2398",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/772.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Hitachi Energy recommends following general mitigation factors. MSM is not intrinsically designed to be directly connected to the internet. Disconnect the device from any internet-facing network, if any installation has performed the same. It is recommended to adopt user access management controls and state-of-the-art antivirus software equipped with the latest signature rules on computers that have the MSM Client application installed and running. As an example, please use the operating system\u0027s (OS) built-in user access management functionality, if supported, to limit the probability of unauthorized access followed by rogue commands via MSM Client application. It is also recommended to follow the hardening guidelines published by the Center for Internet Security (CIS) https://www.cisecurity.org/about-us/ to protect the host operating system of computers that connect with MSM. This measure would then prevent the lateral movement of the attack vector into MSM via these connected devices. Some examples for Windows-based computers are listed here.  1) CIS Microsoft Windows Desktop Benchmarks (cisecurity.org) 2) CIS Microsoft Windows Server Benchmarks (cisecurity.org) Cybersecurity Advisory - Industrial Control Systems Cybersecurity Best Practices https://publisher.hitachienergy.com/preview?DocumentID=8DBD000235\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2019-5097",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server."
        }
      ],
      "product_status": {
        "known_not_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2019-5097",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5097"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-5097"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/835.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Hitachi Energy recommends following general mitigation factors. MSM is not intrinsically designed to be directly connected to the internet. Disconnect the device from any internet-facing network, if any installation has performed the same. It is recommended to adopt user access management controls and state-of-the-art antivirus software equipped with the latest signature rules on computers that have the MSM Client application installed and running. As an example, please use the operating system\u0027s (OS) built-in user access management functionality, if supported, to limit the probability of unauthorized access followed by rogue commands via MSM Client application. It is also recommended to follow the hardening guidelines published by the Center for Internet Security (CIS) https://www.cisecurity.org/about-us/ to protect the host operating system of computers that connect with MSM. This measure would then prevent the lateral movement of the attack vector into MSM via these connected devices. Some examples for Windows-based computers are listed here.  1) CIS Microsoft Windows Desktop Benchmarks (cisecurity.org) 2) CIS Microsoft Windows Server Benchmarks (cisecurity.org) Cybersecurity Advisory - Industrial Control Systems Cybersecurity Best Practices https://publisher.hitachienergy.com/preview?DocumentID=8DBD000235\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2019-5097"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.