{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3aopensslopenssl/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","cpe:2.3:a:stormshield:endpoint_security:*:*:*:*:*:*:*:*","cpe:2.3:a:stormshield:sslvpn:*:*:*:*:*:*:*:*","cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":5.9,"id":"CVE-2022-4304"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["GMS600 versions 1.3.0 and 1.3.1"],"_cs_severities":["medium"],"_cs_tags":["bleichenbacher","timing attack","openssl","critical infrastructure"],"_cs_type":"advisory","_cs_vendors":["Hitachi Energy","OpenSSL"],"content_html":"\u003cp\u003eHitachi Energy GMS600 versions 1.3.0 and 1.3.1 are vulnerable to a timing-based side-channel attack (CVE-2022-4304) in the OpenSSL RSA decryption implementation. This vulnerability allows a remote attacker to recover plaintext data by exploiting observable discrepancies in processing times. The attack involves sending a large number of trial messages to the server and recording the time taken to process each one. Successful exploitation could allow an attacker to decrypt sensitive application data transmitted over the network. This vulnerability affects all RSA padding modes, including PKCS#1 v1.5, RSA-OAEP, and RSASVE. 
Hitachi Energy recommends upgrading to version 1.3.2 to mitigate this vulnerability, which was initially disclosed in June 2023 and updated in April 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker observes a genuine TLS connection between a client and a server using RSA for key exchange.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a series of trial messages specifically designed to exploit the timing vulnerability in OpenSSL\u0026rsquo;s RSA decryption implementation.\u003c/li\u003e\n\u003cli\u003eAttacker sends these trial messages to the GMS600 server.\u003c/li\u003e\n\u003cli\u003eThe GMS600 server processes each trial message, and the attacker records the time taken for each processing attempt.\u003c/li\u003e\n\u003cli\u003eAttacker analyzes the timing data to identify subtle variations in processing times related to the structure of the encrypted pre-master secret.\u003c/li\u003e\n\u003cli\u003eAfter a sufficiently large number of messages, the attacker recovers the pre-master secret used for the original connection.\u003c/li\u003e\n\u003cli\u003eAttacker decrypts the application data sent over that connection using the recovered pre-master secret.\u003c/li\u003e\n\u003cli\u003eAttacker gains unauthorized access to sensitive information transmitted between the client and server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2022-4304 allows an attacker to decrypt sensitive data transmitted over the network, potentially compromising critical manufacturing processes controlled by the GMS600. Given the wide deployment of GMS600 in critical infrastructure sectors worldwide, this vulnerability poses a significant risk to operational technology environments. 
Impact could range from loss of confidentiality to unauthorized control of industrial processes.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately upgrade Hitachi Energy GMS600 to version 1.3.2 to address the vulnerability (CVE-2022-4304).\u003c/li\u003e\n\u003cli\u003eImplement network segmentation and firewall rules to minimize network exposure of control system devices as described in the \u0026ldquo;General Mitigation Factors\u0026rdquo; section of the advisory.\u003c/li\u003e\n\u003cli\u003eEnforce ingress IP allowlisting and traffic rate limiting to protect the control network from external attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-21T16:12:35Z","date_published":"2026-05-21T16:12:35Z","id":"https://feed.craftedsignal.io/briefs/2026-05-hitachi-gms600-bleichenbacher/","summary":"Hitachi Energy GMS600 versions 1.3.0 and 1.3.1 are affected by CVE-2022-4304, a vulnerability in the OpenSSL RSA Decryption implementation; an attacker could exploit this timing-based side channel to recover plaintext across a network in a Bleichenbacher-style attack by sending trial messages to the server and recording processing times, eventually decrypting application data.","title":"Hitachi Energy GMS600 Vulnerable to Bleichenbacher Attack via CVE-2022-4304","url":"https://feed.craftedsignal.io/briefs/2026-05-hitachi-gms600-bleichenbacher/"}],"language":"en","title":"CraftedSignal Threat Feed — Cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}