Product
Hitachi Energy GMS600 versions 1.3.0 and 1.3.1 are affected by CVE-2022-4304, a vulnerability in the OpenSSL RSA Decryption implementation; an attacker could exploit this timing-based side channel to recover plaintext across a network in a Bleichenbacher-style attack by sending trial messages to the server and recording processing times, eventually decrypting application data.