Vulnerabilites related to hitachienergy - relion_650
Vulnerability from fkie_nvd
Published
2021-06-14 22:15
Modified
2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00D11467-7696-4FDB-B8DD-F2917157668B",
"versionEndExcluding": "1.2.3.20",
"versionStartIncluding": "1.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28590C3A-A815-49A1-A829-520EACB98419",
"versionEndExcluding": "2.0.0.13",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DA2128-1DAC-4A6C-B603-C378BE6FB913",
"versionEndExcluding": "2.2.0.13",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "640A3E39-8ACD-4239-A4F4-C56D9EC552F5",
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B4A6B2-D92C-4BB9-BFB8-9211B90EB46F",
"versionEndExcluding": "2.2.2.3",
"versionStartIncluding": "2.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16220A2-64E7-4203-9CCB-5D4F6BFD82CD",
"versionEndExcluding": "2.2.3.2",
"versionStartIncluding": "2.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E90A092F-3851-4255-8671-C4DFD2C98515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F147EE7-0312-4BA6-ABAB-31CCFCA5AA75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D91C6882-0A32-4262-8AD1-9FF6CD394C73",
"versionEndExcluding": "1.3.0.7",
"versionStartIncluding": "1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA7C4BD-7161-4D15-AD98-23E12AC3C9A0",
"versionEndExcluding": "2.2.0.13",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C55FB92E-DCA9-494E-8A9F-E15338C1BBF8",
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC40F16C-2EE1-4AEE-BF48-793EFBECDACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01F1DA45-C118-4F65-B4F4-FD6A88441711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C01C39-A91C-437F-BAF9-7E578D703685",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D898A4-F841-4B84-90DB-86DE309B873C",
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "418011E9-2321-4441-B94F-D301BB2B8E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCBB24F-E33A-458C-82DC-38C94396E154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B26BAAA-1B1D-4044-ABEA-D3EF94CE000D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05421226-9147-40AF-8745-58F797EB35CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A9BEC4B-E339-44AE-9965-801E20F19D9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA3F33A-8787-4128-A790-685BCB272A82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE94252D-03EE-451B-8322-B4DBC790C6E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE12CFF-2C17-45CB-A022-12D47A3FB329",
"versionEndExcluding": "7.60.19",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9273FD4-AD73-47E3-A768-640380172C13",
"versionEndExcluding": "8.2.0.5",
"versionStartIncluding": "8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38B88E99-B0DB-4175-A2DE-7DC6FEA35493",
"versionEndIncluding": "8.3.1.0",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0325854D-52C2-4126-8805-638243FD708E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F035CC8-4942-4C58-A019-4010771B0DB7",
"versionEndExcluding": "r2a16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE327A1-E89A-4A6F-87C7-D2EFF0433380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9152BE01-EF40-474D-9895-006C730791A1",
"versionEndExcluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CBD92D1-045F-44D8-99B1-12C28B0271F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:gms600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "898A2A1A-0874-421B-B673-9DBDD1D00BAE",
"versionEndIncluding": "1.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB13E178-8C41-4FDB-89AE-23D0A9930B94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBB5AAB-60E6-4A9E-A4B4-0B26ECA49340",
"versionEndExcluding": "1.0.1.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "955382CE-CDF8-4706-83AC-C4DC616F84E4",
"versionEndExcluding": "1.1.0.1",
"versionStartIncluding": "1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBFF7D-3B2E-4FA5-9E0C-15B78AFC8165",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
},
{
"lang": "es",
"value": "Una vulnerabilidad de comprobaci\u00f3n inapropiada de la entrada en Hitachi ABB Power Grids Relion 670, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600, permite a un atacante con acceso a la red IEC 61850 que conozca c\u00f3mo reproducir el ataque, as\u00ed como las direcciones IP de los diferentes puntos de acceso IEC 61850 (de los IED/productos), pueda forzar el reinicio del dispositivo, lo que lo deja inoperativo durante aproximadamente 60 segundos. Esta vulnerabilidad afecta \u00fanicamente a los productos con interfaces IEC 61850. Este problema afecta a: Hitachi ABB Power Grids Relion 670 Series versiones 1.1; versiones 1.2.3 anteriores a 1.2.3.20; versiones 2.0 anteriores a 2.0.0.13; versiones 2.1; versiones 2.2.2 anteriores a 2.2.2.3; 2.2.3 anteriores a 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series versiones 2.2.0 anteriores a 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO versiones 2.2.1 anteriores a 2.2.1.6. Hitachi ABB Power Grids Relion 650 versiones 1.1; 1.2; versiones 1.3 anteriores a 1.3.0.7. Hitachi ABB Power Grids REB500 versiones 7.3; 7.4; versiones 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x versiones 7.x y versiones anteriores; versiones 8.x y versiones anteriores; versiones 9.x, 9.x y versiones anteriores; versiones 10.x .x y versiones anteriores; versiones 11.x y versiones anteriores; versiones 12.x y versiones anteriores. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 versiones R1D02 y anteriores. Hitachi ABB Power Grids MSM versiones 2.1.0 anteriores a 2.1.0. Hitachi ABB Power Grids GMS600 versiones 1.3.0, 1.3.0 y anteriores. Hitachi ABB Power Grids PWC600 versiones 1.0 anteriores a 1.0.1.4; versiones 1.1 anteriores a 1.1.0.1"
}
],
"id": "CVE-2021-27196",
"lastModified": "2024-11-21T05:57:32.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-14T22:15:11.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 16:15
Modified
2024-11-21 06:12
Severity ?
8.1 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachienergy | relion_670_firmware | * | |
| hitachienergy | relion_670_firmware | 2.2.0 | |
| hitachienergy | relion_670_firmware | 2.2.1 | |
| hitachienergy | relion_670_firmware | 2.2.2 | |
| hitachienergy | relion_670_firmware | 2.2.4 | |
| hitachienergy | relion_670 | - | |
| hitachienergy | relion_650_firmware | 2.2.0 | |
| hitachienergy | relion_650_firmware | 2.2.1 | |
| hitachienergy | relion_650_firmware | 2.2.4 | |
| hitachienergy | relion_650 | - | |
| hitachienergy | relion_sam600-io_firmware | 2.2.1 | |
| hitachienergy | relion_sam600-io | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA6F504-677B-4D61-BEBA-C5FF08B7EEC0",
"versionEndIncluding": "2.2.3.3",
"versionStartIncluding": "2.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B91C1D5F-FE14-4121-A7C8-16F08D652610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A59F3E51-D3D5-4846-B8AA-6BAD4BCCCCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E368A106-A236-4A42-8608-43F47EB4A2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0B80-070C-4610-862B-346994BFEC51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA73DFC1-3953-48DB-BF8C-545BE5B7BFAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A406AD0-38C5-4C32-AA88-AA45EE97C315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "48B56792-02FF-4E3E-B306-DC58FED37128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5C50F4-CF04-4C13-868A-F7ECE49DE01B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions."
},
{
"lang": "es",
"value": "Una vulnerabilidad Insecure Boot Image en Hitachi Energy Relion Relion 670/650/SAM600-IO series permite que un atacante que consiga acceder al puerto de red frontal y causar una secuencia de reinicio del dispositivo pueda explotar la vulnerabilidad, donde se presenta un peque\u00f1o espacio de tiempo durante el proceso de arranque en el que se carga una versi\u00f3n antigua de VxWorks antes del arranque del firmware de la aplicaci\u00f3n, podr\u00eda explotar la vulnerabilidad de la versi\u00f3n antigua de VxWorks y causar una denegaci\u00f3n de servicio en el producto. Este problema afecta a: Hitachi Energy Relion 670 Series versiones 2.2.2 todas las revisiones; versiones 2.2.3 versiones anteriores a 2.2.3.3. Hitachi Energy Relion 670/650 Series versiones 2.2.0 todas las revisiones; versiones 2.2.4 todas las revisiones. Hitachi Energy Relion 670/650/SAM600-IO versiones 2.2.1 todas las revisiones."
}
],
"id": "CVE-2021-35535",
"lastModified": "2024-11-21T06:12:27.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 6.0,
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T16:15:08.450",
"references": [
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-21 14:15
Modified
2024-11-21 07:19
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.
An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.
Already existing/established client-server connections are not affected.
List of affected CPEs:
* cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:sys600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC57CAB3-20C9-44D6-8677-17DBAC8FF49F",
"versionEndIncluding": "10.3.1",
"versionStartIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:sys600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42B6499F-D82D-4B02-BBEC-60B36FB0C678",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469A34A6-EBE4-431C-A986-888BAF525E3C",
"versionEndIncluding": "12.0.14.0",
"versionStartIncluding": "12.0.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "497CA762-15EB-486D-BCC7-742A44F0DF9D",
"versionEndIncluding": "12.2.11.0",
"versionStartIncluding": "12.2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC749956-FA2D-4B16-8401-C015712A934C",
"versionEndIncluding": "12.4.11.0",
"versionStartIncluding": "12.4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D25273A-BBD5-4619-93C4-92A12F301088",
"versionEndIncluding": "12.6.8.0",
"versionStartIncluding": "12.6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F726C7-E635-4525-984D-6EADBAA09933",
"versionEndIncluding": "12.7.4.0",
"versionStartIncluding": "12.7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0F3E7E-B079-4488-BED6-E07BDE63C421",
"versionEndIncluding": "13.2.5.0",
"versionStartIncluding": "13.2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D04CB998-0D74-4CD1-9F99-773103CB9979",
"versionEndIncluding": "13.3.3",
"versionStartIncluding": "13.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0763F03-C6C8-4104-9028-3CF265F289D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE94252D-03EE-451B-8322-B4DBC790C6E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "432FCDCF-03F2-4A0C-9ACA-73A012F43237",
"versionEndExcluding": "8.3.3",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0325854D-52C2-4126-8805-638243FD708E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91984E74-C518-472A-ADCF-3BF61781111B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF326E7-792D-434C-9211-F6CEB8B8F1C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7F2E89-2095-48F0-A8EA-0C13E10A9362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBFF7D-3B2E-4FA5-9E0C-15B78AFC8165",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A31EE60F-F80D-40AF-A7C8-8EA462E48918",
"versionEndIncluding": "2.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CBD92D1-045F-44D8-99B1-12C28B0271F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23F810B7-E97C-4530-A0C5-789D55F4CAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "427E4F50-4077-4515-B2EA-BF57D5A7489C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E44F3FA-1450-4467-A509-6DA42057B69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A67CF9CA-CDF6-4E87-A801-18B34D051A01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E327F624-ABE5-408D-AC34-EEE71024B689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27E57915-8250-4544-9F5B-FD520BA72F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F13838-1555-4206-A4D1-9AFECBBAFD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C74028E3-6FD9-4EAE-BA31-CE1208096ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F86C507F-0E18-437C-A1A5-258825E78FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BE52382-38FA-488F-851D-598AED0C8B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93C5044A-4AB4-40EF-976F-CDD16FA90F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2696FC-1C4C-4586-854C-7235ADD8376D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "92B6B5B8-4E81-4450-94E6-CDFA26362A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "929384A7-474C-448D-9834-23562CDF2B66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB26367-5B5D-4ED3-A103-204DBCF5CBF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE69E47-37D7-4F0E-A759-BD54565DF88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB8C856-A056-4D7F-8C5D-30A409BCD22C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "91685621-1937-4494-89AF-7AC1973A2ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5C50F4-CF04-4C13-868A-F7ECE49DE01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "698AED51-5521-4D9C-B2FA-F3D8526D9FB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC40F16C-2EE1-4AEE-BF48-793EFBECDACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82F2E748-7331-4B34-8474-A43A1220D208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C01C39-A91C-437F-BAF9-7E578D703685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA73DFC1-3953-48DB-BF8C-545BE5B7BFAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A406AD0-38C5-4C32-AA88-AA45EE97C315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4E0311-0967-4AC9-B426-CAA0AF06855E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB22A258-06C5-48E5-BEF0-9324BD7D301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "48B56792-02FF-4E3E-B306-DC58FED37128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "22E5CD7F-CD9D-4E89-BF2F-944300121D11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63925E29-DB8F-4568-AD16-41C84A9C8EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA499D5E-A693-454D-B28D-E5D2247D1196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F147EE7-0312-4BA6-ABAB-31CCFCA5AA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B91C1D5F-FE14-4121-A7C8-16F08D652610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A59F3E51-D3D5-4846-B8AA-6BAD4BCCCCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E368A106-A236-4A42-8608-43F47EB4A2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29D2A64B-F136-49B8-9AF8-F8057F9227E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0B80-070C-4610-862B-346994BFEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06064F73-366D-48C6-AACE-DCFC2F1B8E0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:gms600_firmware:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C54D374C-379B-4912-9330-30488C19F66C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB13E178-8C41-4FDB-89AE-23D0A9930B94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1b02:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B54A23-399B-4080-A15F-4C0CBA743E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1c07:*:*:*:*:*:*:*",
"matchCriteriaId": "8C94ED80-743F-455D-90A4-35FFE7710A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1d02:*:*:*:*:*:*:*",
"matchCriteriaId": "528BF8FA-44BD-40F0-8A60-D0AE659EBBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1e01:*:*:*:*:*:*:*",
"matchCriteriaId": "A16F36DD-FF97-42CE-BB19-B7AE4B15356D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7121E7-7B4E-4CA1-8021-66B324CA2D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16_03:*:*:*:*:*:*:*",
"matchCriteriaId": "DBAF5025-6B2A-44C3-99AF-FD10ADFF19B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r15b08:*:*:*:*:*:*:*",
"matchCriteriaId": "76644F1E-8664-4F70-9553-D773D1362E06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE327A1-E89A-4A6F-87C7-D2EFF0433380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "419DB11F-2E9E-4E72-B6D4-FE34A4F0B9C6",
"versionEndIncluding": "3.0.0",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADE055E-8EE4-4CCE-9326-B70C101F0EF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:txpert_hub_coretec_5_firmware:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "811B1987-4966-477D-8900-55E522AAC4E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:txpert_hub_coretec_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0266D80-DE86-4BF0-BF39-91EF99C4802C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\n\nA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u00a0\n\nAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u00a0\n\n\n\n\nAlready existing/established client-server connections are not affected.\n\n\n\n\n\nList of affected CPEs:\n\n\n\n\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\n\n\n\n\n\n\n"
}
],
"id": "CVE-2022-3353",
"lastModified": "2024-11-21T07:19:21.390",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-21T14:15:13.463",
"references": [
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-18 17:15
Modified
2024-11-21 06:12
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:gms600_firmware:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD1DAF9-0CED-4670-B48B-54B86E2E318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:gms600_firmware:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C54D374C-379B-4912-9330-30488C19F66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:gms600_firmware:1.3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8560EE29-37B4-4238-AFD8-783F32D4F269",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB13E178-8C41-4FDB-89AE-23D0A9930B94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62884938-0849-4632-AAD7-6B996711F5C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1883F52C-A7A6-42EA-B157-FC878470FBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "253E4EBE-5FF2-4910-B38B-5EADB40FB877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B91C1D5F-FE14-4121-A7C8-16F08D652610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A59F3E51-D3D5-4846-B8AA-6BAD4BCCCCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E368A106-A236-4A42-8608-43F47EB4A2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29D2A64B-F136-49B8-9AF8-F8057F9227E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0B80-070C-4610-862B-346994BFEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06064F73-366D-48C6-AACE-DCFC2F1B8E0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4E5C6F-BA1C-4D8C-B47D-05276288CE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49A3609C-7E6D-437E-92D4-468B6B221D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AFF6B12-6F54-40AF-9F9F-5AA311BA9B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE9C73D-76C1-4D26-8CD6-202E973FB30F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A79A86A-42DE-4BB4-96F5-5A841F5B4536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA73DFC1-3953-48DB-BF8C-545BE5B7BFAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A406AD0-38C5-4C32-AA88-AA45EE97C315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "48B56792-02FF-4E3E-B306-DC58FED37128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "22E5CD7F-CD9D-4E89-BF2F-944300121D11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5C50F4-CF04-4C13-868A-F7ECE49DE01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "698AED51-5521-4D9C-B2FA-F3D8526D9FB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "654FC924-0DC2-457C-A23F-60B1E1C89FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0DFCC47A-A66A-4DCA-AD80-EB5D65381012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9154F2F6-185C-436D-895B-0B3518505CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA7AECE-9DC9-42B7-884C-F4F0866942B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F091EE96-07DB-4EF2-AABC-29C2E8DD58D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:pwc600_firmware:1.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31C0E3ED-C4E3-4BF9-B5FF-9067BC2220EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8CBFF7D-3B2E-4FA5-9E0C-15B78AFC8165",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de seguridad insuficiente en el mecanismo de acceso a la base de datos interna de Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600, permite que un atacante que explote con \u00e9xito esta vulnerabilidad, de la que el producto no restringe suficientemente el acceso a las tablas de una base de datos interna, pueda permitir a cualquier persona con credenciales de usuario omitir los controles de seguridad que impone el producto. En consecuencia, una explotaci\u00f3n puede conllevar a modificaciones no autorizadas en los datos/firmware, y/o inhabilitar permanentemente el producto. Este problema afecta a: Hitachi Energy Relion 670 Series versiones 2.0 todas las revisiones; versiones 2.2.2 todas las revisiones; versiones 2.2.3 versiones anteriores a la 2.2.3.5. Hitachi Energy Relion 670/650 Series versiones 2.1 todas las revisiones. versiones 2.2.0 todas las revisiones; versiones 2.2.4 todas las revisiones; Hitachi Energy Relion 670/650/SAM600-IO versiones 2.2.1 todas las revisiones; versiones 2.2.5 versiones anteriores a la 2.2.5.2. Hitachi Energy Relion 650 versiones 1.0 todas las revisiones. versiones 1.1 todas las revisiones; versiones 1.2 todas las revisiones; versiones 1.3 versiones anteriores a la 1.3.0.8; Hitachi Energy GMS600 versiones 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 versi\u00f3n 1.0.1 versi\u00f3n 1.0.1.4 y versiones anteriores; versi\u00f3n 1.1.0 versi\u00f3n 1.1.0.1 y versiones anteriores."
}
],
"id": "CVE-2021-35534",
"lastModified": "2024-11-21T06:12:27.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T17:15:08.397",
"references": [
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-04 10:15
Modified
2024-11-21 07:20
Severity ?
4.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
4.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
4.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Summary
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation.
An attacker could exploit the vulnerability by first gaining access to
the system with security privileges and attempt to update the IED
with a malicious update package. Successful exploitation of this
vulnerability will cause the IED to restart, causing a temporary Denial of Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachienergy | relion_650_firmware | 2.2.0 | |
| hitachienergy | relion_650_firmware | 2.2.1 | |
| hitachienergy | relion_650_firmware | 2.2.4 | |
| hitachienergy | relion_650_firmware | 2.2.5 | |
| hitachienergy | relion_650 | - | |
| hitachienergy | relion_670_firmware | 2.2.0 | |
| hitachienergy | relion_670_firmware | 2.2.1 | |
| hitachienergy | relion_670_firmware | 2.2.2 | |
| hitachienergy | relion_670_firmware | 2.2.3 | |
| hitachienergy | relion_670_firmware | 2.2.4 | |
| hitachienergy | relion_670_firmware | 2.2.5 | |
| hitachienergy | relion_670 | - | |
| hitachienergy | relion_sam600-io_firmware | 2.2.1 | |
| hitachienergy | relion_sam600-io | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA73DFC1-3953-48DB-BF8C-545BE5B7BFAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A406AD0-38C5-4C32-AA88-AA45EE97C315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "48B56792-02FF-4E3E-B306-DC58FED37128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "22E5CD7F-CD9D-4E89-BF2F-944300121D11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B91C1D5F-FE14-4121-A7C8-16F08D652610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A59F3E51-D3D5-4846-B8AA-6BAD4BCCCCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E368A106-A236-4A42-8608-43F47EB4A2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29D2A64B-F136-49B8-9AF8-F8057F9227E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0B80-070C-4610-862B-346994BFEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06064F73-366D-48C6-AACE-DCFC2F1B8E0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5C50F4-CF04-4C13-868A-F7ECE49DE01B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation.\nAn attacker could exploit the vulnerability by first gaining access to\nthe system with security privileges and attempt to update the IED\nwith a malicious update package. Successful exploitation of this\nvulnerability will cause the IED to restart, causing a temporary Denial of Service.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en la validaci\u00f3n de la firma del paquete de actualizaci\u00f3n de Relion. Un paquete de actualizaci\u00f3n manipulado podr\u00eda provocar que el IED se reinicie. Despu\u00e9s de reiniciar, el dispositivo vuelve a su funcionamiento normal. Un atacante podr\u00eda aprovechar la vulnerabilidad obteniendo primero acceso al sistema con privilegios de seguridad e intentando actualizar el IED con un paquete de actualizaci\u00f3n malicioso. La explotaci\u00f3n exitosa de esta vulnerabilidad har\u00e1 que el IED se reinicie, lo que provocar\u00e1 una denegaci\u00f3n de servicio temporal."
}
],
"id": "CVE-2022-3864",
"lastModified": "2024-11-21T07:20:23.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-04T10:15:11.267",
"references": [
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000146\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000146\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-01 15:15
Modified
2024-11-21 08:35
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability exists in the input validation of the GOOSE
messages where out of range values received and processed
by the IED caused a reboot of the device. In order for an
attacker to exploit the vulnerability, goose receiving blocks need
to be configured.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4B7DA8-BA72-48E5-9E21-33FB1881E952",
"versionEndExcluding": "2.2.2.6",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4949214C-03DE-489E-80E3-7DC4EFED7ACA",
"versionEndExcluding": "2.2.3.7",
"versionStartIncluding": "2.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53D9E635-5BDA-4383-9FE5-4AFA4148A5E3",
"versionEndExcluding": "2.2.4.4",
"versionStartIncluding": "2.2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64A83135-6909-4838-9429-1046CA824723",
"versionEndExcluding": "2.2.5.6",
"versionStartIncluding": "2.2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612B2549-82F9-4B7F-BDBD-95A562BF1EAE",
"versionEndExcluding": "2.2.4.4",
"versionStartIncluding": "2.2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7C5065-1CEC-44DC-BF01-16FC02390583",
"versionEndExcluding": "2.2.5.6",
"versionStartIncluding": "2.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A406AD0-38C5-4C32-AA88-AA45EE97C315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8A74BD43-D925-483C-98F7-5F5C32D3B6F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "264C95EE-756F-434E-9FA1-DC7878CEEF61",
"versionEndExcluding": "2.2.5.6",
"versionStartIncluding": "2.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5C50F4-CF04-4C13-868A-F7ECE49DE01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7025C2A4-698E-408C-9567-8759B638AB90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E73E9D1A-1DFE-4B7C-81F1-0809071A3DDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the input validation of the GOOSE \nmessages where out of range values received and processed \nby the IED caused a reboot of the device. In order for an \nattacker to exploit the vulnerability, goose receiving blocks need \nto be configured."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en la validaci\u00f3n de entrada de los mensajes GOOSE donde los valores fuera de rango recibidos y procesados por el IED provocaron un reinicio del dispositivo. Para que un atacante aproveche la vulnerabilidad, es necesario configurar los bloques receptores de ganso."
}
],
"id": "CVE-2023-4518",
"lastModified": "2024-11-21T08:35:20.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-01T15:15:07.860",
"references": [
{
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
],
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170\u0026languageCode=en\u0026Preview=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170\u0026languageCode=en\u0026Preview=true"
}
],
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
],
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-27 23:15
Modified
2024-11-21 04:32
Severity ?
Summary
An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-330-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-330-02 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC0661C-6309-45AA-8A03-BD9957844A8D",
"versionEndIncluding": "1.3.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C658029-20F4-411A-B1FE-B4E07D590775",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9550B8D1-41EB-4DB5-B63A-257EAAB55165",
"versionEndIncluding": "1.2.3.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF1FF94-D9B8-48BB-8AF7-9614D1DEB88F",
"versionEndIncluding": "2.0.0.11",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43D3D737-99C7-4982-BC82-30E06C2114C5",
"versionEndIncluding": "2.1.0.1",
"versionStartIncluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA98332-543F-48A7-B63C-B39F679D47F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service."
},
{
"lang": "es",
"value": "Un atacante puede utilizar un mensaje especialmente dise\u00f1ado para forzar a Relion 650 series (versiones 1.3.0.5 y anteriores) o Relion 670 series (versiones 1.2.3.18, 2.0.0.11, 2.1.0.1 y anteriores) a reiniciarse, lo que podr\u00eda causar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2019-18247",
"lastModified": "2024-11-21T04:32:54.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-27T23:15:10.790",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-330-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-330-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-35534 (GCVE-0-2021-35534)
Vulnerability from cvelistv5
Published
2021-11-18 16:35
Modified
2024-09-16 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Summary
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Hitachi Energy | Relion 670 Series |
Version: 2.0 all revisions Version: 2.2.2 all revisions Version: 2.2.3 < 2.2.3.5 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Relion 670 Series",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.0 all revisions"
},
{
"status": "affected",
"version": "2.2.2 all revisions"
},
{
"lessThan": "2.2.3.5",
"status": "affected",
"version": "2.2.3",
"versionType": "custom"
}
]
},
{
"product": "Relion 670/650 Series",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.2.0 all revisions"
},
{
"status": "affected",
"version": "2.2.4 all revisions"
},
{
"status": "affected",
"version": "2.1 all revisions"
}
]
},
{
"product": "Relion 670/650/SAM600-IO",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.2.1 all revisions"
},
{
"lessThan": "2.2.5.2",
"status": "affected",
"version": "2.2.5",
"versionType": "custom"
}
]
},
{
"product": "Relion 650",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "1.1 all revisions"
},
{
"status": "affected",
"version": "1.2 all revisions"
},
{
"status": "affected",
"version": "1.0 all revisions"
},
{
"lessThan": "1.3.0.8",
"status": "affected",
"version": "1.3",
"versionType": "custom"
}
]
},
{
"product": "GMS600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "1.3.0"
},
{
"status": "affected",
"version": "1.3.1.0 1.3.0.1"
},
{
"status": "affected",
"version": "1.2.0"
}
]
},
{
"product": "PWC600",
"vendor": "Hitachi Energy",
"versions": [
{
"lessThanOrEqual": "1.0.1.4",
"status": "affected",
"version": "1.0.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.1.0.1",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hitachi Energy thanks the following for working with us to help protect customers: U.S. Department of Energy CyTRICS researcher Robert Erbes."
}
],
"datePublic": "2021-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T16:35:03",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"solutions": [
{
"lang": "en",
"value": "Refer to the cybersecurity advisories at https://www.hitachienergy.com/cybersecurity/alerts-and-notifications"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient Security Control Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"DATE_PUBLIC": "2021-11-04T11:00:00.000Z",
"ID": "CVE-2021-35534",
"STATE": "PUBLIC",
"TITLE": "Insufficient Security Control Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Relion 670 Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.0",
"version_value": "2.0 all revisions"
},
{
"version_affected": "=",
"version_name": "2.2.2",
"version_value": "2.2.2 all revisions"
},
{
"version_affected": "\u003c",
"version_name": "2.2.3",
"version_value": "2.2.3.5"
}
]
}
},
{
"product_name": "Relion 670/650 Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.2.0",
"version_value": "2.2.0 all revisions"
},
{
"version_affected": "=",
"version_name": "2.2.4",
"version_value": "2.2.4 all revisions"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "2.1 all revisions"
}
]
}
},
{
"product_name": "Relion 670/650/SAM600-IO",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.2.1",
"version_value": "2.2.1 all revisions"
},
{
"version_affected": "\u003c",
"version_name": "2.2.5",
"version_value": "2.2.5.2"
}
]
}
},
{
"product_name": "Relion 650",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "1.1",
"version_value": "1.1 all revisions"
},
{
"version_affected": "=",
"version_name": "1.2",
"version_value": "1.2 all revisions"
},
{
"version_affected": "\u003c",
"version_name": "1.3",
"version_value": "1.3.0.8"
},
{
"version_name": "1.0",
"version_value": "1.0 all revisions"
}
]
}
},
{
"product_name": "GMS600",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "1.3.0",
"version_value": "1.3.0"
},
{
"version_affected": "=",
"version_name": "1.3.1.0",
"version_value": "1.3.0.1"
},
{
"version_affected": "=",
"version_name": "1.2.0",
"version_value": "1.2.0"
}
]
}
},
{
"product_name": "PWC600",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.0.1",
"version_value": "1.0.1.4"
},
{
"version_affected": "\u003c=",
"version_name": "1.1.0",
"version_value": "1.1.0.1"
}
]
}
}
]
},
"vendor_name": "Hitachi Energy"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Hitachi Energy thanks the following for working with us to help protect customers: U.S. Department of Energy CyTRICS researcher Robert Erbes."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"solution": [
{
"lang": "en",
"value": "Refer to the cybersecurity advisories at https://www.hitachienergy.com/cybersecurity/alerts-and-notifications"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2021-35534",
"datePublished": "2021-11-18T16:35:03.214009Z",
"dateReserved": "2021-06-28T00:00:00",
"dateUpdated": "2024-09-16T18:45:19.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18247 (GCVE-0-2019-18247)
Vulnerability from cvelistv5
Published
2019-11-27 22:03
Modified
2024-08-05 01:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - IMPROPER INPUT VALIDATION
Summary
An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Relion 650 and 670 Series |
Version: Relion 650 series versions 1.3.0.5 and prior, Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-330-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Relion 650 and 670 Series",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Relion 650 series versions 1.3.0.5 and prior, Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "IMPROPER INPUT VALIDATION CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T22:03:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-330-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Relion 650 and 670 Series",
"version": {
"version_data": [
{
"version_value": "Relion 650 series versions 1.3.0.5 and prior, Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER INPUT VALIDATION CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-330-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-330-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18247",
"datePublished": "2019-11-27T22:03:01",
"dateReserved": "2019-10-22T00:00:00",
"dateUpdated": "2024-08-05T01:47:14.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27196 (GCVE-0-2021-27196)
Vulnerability from cvelistv5
Published
2021-06-14 21:20
Modified
2024-09-17 03:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH"
}
],
"datePublic": "2021-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T21:20:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"solutions": [
{
"lang": "en",
"value": "Refer to the cybersecurity advisories at https://www.hitachiabb-powergrids.com/offering/solutions/cybersecurity/alerts-and-notifications"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Specially Crafted IEC 61850 Protocol Sequence Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2021-03-15T11:00:00.000Z",
"ID": "CVE-2021-27196",
"STATE": "PUBLIC",
"TITLE": "Specially Crafted IEC 61850 Protocol Sequence Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"solution": [
{
"lang": "en",
"value": "Refer to the cybersecurity advisories at https://www.hitachiabb-powergrids.com/offering/solutions/cybersecurity/alerts-and-notifications"
},
{
"lang": "en"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-27196",
"datePublished": "2021-06-14T21:20:38.696789Z",
"dateReserved": "2021-02-12T00:00:00",
"dateUpdated": "2024-09-17T03:17:31.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35535 (GCVE-0-2021-35535)
Vulnerability from cvelistv5
Published
2021-11-18 15:53
Modified
2024-09-16 17:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Summary
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Hitachi Energy | Relion 670 Series |
Version: 2.2.2 all revisions Version: 2.2.3 < 2.2.3.3 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Relion 670 Series",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.2.2 all revisions"
},
{
"lessThan": "2.2.3.3",
"status": "affected",
"version": "2.2.3",
"versionType": "custom"
}
]
},
{
"product": "Relion 670/650 Series",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.2.0 all revisions"
},
{
"status": "affected",
"version": "2.2.4 all revisions"
}
]
},
{
"product": "Relion 670/650/SAM600-IO",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "2.2.1 all revisions"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hitachi Energy thanks the following for working with us to help protect customers: U.S. Department of Energy CyTRICS researcher Riley Barello Myers."
}
],
"datePublic": "2021-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T15:53:12",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"solutions": [
{
"lang": "en",
"value": "Refer to the cybersecurity advisories at https://www.hitachienergy.com/cybersecurity/alerts-and-notifications"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient Security Control Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"DATE_PUBLIC": "2021-11-04T11:00:00.000Z",
"ID": "CVE-2021-35535",
"STATE": "PUBLIC",
"TITLE": "Insufficient Security Control Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Relion 670 Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.2.2",
"version_value": "2.2.2 all revisions"
},
{
"version_affected": "\u003c",
"version_name": "2.2.3",
"version_value": "2.2.3.3"
}
]
}
},
{
"product_name": "Relion 670/650 Series",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.2.0",
"version_value": "2.2.0 all revisions"
},
{
"version_affected": "=",
"version_name": "2.2.4",
"version_value": "2.2.4 all revisions"
}
]
}
},
{
"product_name": "Relion 670/650/SAM600-IO",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.2.1",
"version_value": "2.2.1 all revisions"
}
]
}
}
]
},
"vendor_name": "Hitachi Energy"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Hitachi Energy thanks the following for working with us to help protect customers: U.S. Department of Energy CyTRICS researcher Riley Barello Myers."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1188 Insecure Default Initialization of Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"solution": [
{
"lang": "en",
"value": "Refer to the cybersecurity advisories at https://www.hitachienergy.com/cybersecurity/alerts-and-notifications"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2021-35535",
"datePublished": "2021-11-18T15:53:12.711689Z",
"dateReserved": "2021-06-28T00:00:00",
"dateUpdated": "2024-09-16T17:42:37.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3353 (GCVE-0-2022-3353)
Vulnerability from cvelistv5
Published
2023-02-21 13:50
Modified
2025-03-12 15:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-404 - Improper Resource Shutdown or Release
Summary
A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.
An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.
Already existing/established client-server connections are not affected.
List of affected CPEs:
* cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Hitachi Energy | FOX61x TEGO1 |
Version: tego1_r15b08 Version: tego1_r2a16_03 Version: tego1_r2a16 Version: tego1_r1e01 Version: tego1_r1d02 Version: tego1_r1c07 Version: tego1_r1b02 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:07:06.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T15:16:44.962103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T15:17:11.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FOX61x TEGO1",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "unaffected",
"version": "tego1_r16a11"
},
{
"status": "affected",
"version": "tego1_r15b08"
},
{
"status": "affected",
"version": "tego1_r2a16_03"
},
{
"status": "affected",
"version": "tego1_r2a16"
},
{
"status": "affected",
"version": "tego1_r1e01"
},
{
"status": "affected",
"version": "tego1_r1d02"
},
{
"status": "affected",
"version": "tego1_r1c07"
},
{
"status": "affected",
"version": "tego1_r1b02"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GMS600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "GMS600 1.3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ITT600 SA Explorer",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "ITT600 SA Explorer 1.1.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.1.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.1.2"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.5.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.5.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.6.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.6.0.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.7.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.7.2"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.8.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.2"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.3"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.4.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.5.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.5.4"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.1.0.4"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.1.0.5"
},
{
"status": "unaffected",
"version": "ITT600 SA Explorer 2.1.1.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MicroSCADA X SYS600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "SYS600 10"
},
{
"status": "affected",
"version": "SYS600 10.1"
},
{
"status": "affected",
"version": "SYS600 10.1.1"
},
{
"status": "affected",
"version": "SYS600 10.2"
},
{
"status": "affected",
"version": "SYS600 10.2.1"
},
{
"status": "affected",
"version": "SYS600 10.3"
},
{
"status": "affected",
"version": "SYS600 10.3.1"
},
{
"status": "affected",
"version": "SYS600 10.4"
},
{
"status": "unaffected",
"version": "SYS600 10.4.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSM",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "MSM 2.2.3;0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PWC600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "PWC600 1.0"
},
{
"status": "affected",
"version": "PWC600 1.1"
},
{
"status": "affected",
"version": "PWC600 1.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "REB500",
"vendor": "Hitachi Energy",
"versions": [
{
"lessThan": "7.*",
"status": "affected",
"version": "REB500 7.0",
"versionType": "7.*"
},
{
"lessThan": "8.*",
"status": "affected",
"version": "REB500 8.0",
"versionType": "8.*"
},
{
"status": "unaffected",
"version": "REB500 8.3.3.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Relion\u00ae 670",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion 670 1.2"
},
{
"status": "affected",
"version": "Relion 670 2.0"
},
{
"status": "affected",
"version": "Relion 670 version 2.1"
},
{
"status": "affected",
"version": "Relion 670 2.2.0"
},
{
"status": "affected",
"version": "Relion 670 2.2.1"
},
{
"status": "affected",
"version": "Relion 670 2.2.2"
},
{
"status": "affected",
"version": "Relion 670 2.2.3"
},
{
"status": "affected",
"version": "Relion 670 2.2.4"
},
{
"status": "affected",
"version": "Relion 670 2.2.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Relion\u00ae 650",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion 650 1.1"
},
{
"status": "affected",
"version": "Relion 650 1.3"
},
{
"status": "affected",
"version": "Relion 650 2.1"
},
{
"status": "affected",
"version": "Relion 650 2.2.0"
},
{
"status": "affected",
"version": "Relion 650 2.2.1"
},
{
"status": "affected",
"version": "Relion 650 2.2.2"
},
{
"status": "affected",
"version": "Relion 650 2.2.3"
},
{
"status": "affected",
"version": "Relion 650 2.2.4"
},
{
"status": "affected",
"version": "Relion 650 2.2.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM600-IO",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion SAM600-IO 2.2.1"
},
{
"status": "affected",
"version": "Relion SAM600-IO 2.2.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RTU500",
"vendor": "Hitachi Energy",
"versions": [
{
"lessThanOrEqual": "12.0.14",
"status": "affected",
"version": "RTU500 12.0.1",
"versionType": "12.0.14"
},
{
"status": "unaffected",
"version": "RTU500 12.0.15"
},
{
"lessThanOrEqual": "12.2.11",
"status": "affected",
"version": "RTU500 12.2.1",
"versionType": "12.2.11"
},
{
"status": "unaffected",
"version": "RTU500 12.2.12"
},
{
"lessThanOrEqual": "12.4.11",
"status": "affected",
"version": "RTU500 12.4.1",
"versionType": "12.4.11"
},
{
"status": "unaffected",
"version": "RTU500 12.4.12"
},
{
"lessThanOrEqual": "12.6.8",
"status": "affected",
"version": "RTU500 12.6.1",
"versionType": "12.6.8"
},
{
"status": "unaffected",
"version": "RTU500 12.6.9"
},
{
"lessThanOrEqual": "12.7.4",
"status": "affected",
"version": "RTU500 12.7.1",
"versionType": "12.7.4"
},
{
"status": "unaffected",
"version": "RTU500 12.7.5"
},
{
"lessThanOrEqual": "13.2.5",
"status": "affected",
"version": "RTU500 13.2.1",
"versionType": "13.2.5"
},
{
"status": "unaffected",
"version": "RTU500 13.2.6"
},
{
"lessThanOrEqual": "13.3.3",
"status": "affected",
"version": "RTU500 13.3.1",
"versionType": "13.3.3"
},
{
"status": "unaffected",
"version": "RTU500 13.3.4"
},
{
"status": "affected",
"version": "RTU500 13.4.1"
},
{
"status": "unaffected",
"version": "RTU500 13.4.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TXpert Hub CoreTec 4",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "CoreTec 4 version 2.0.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.1.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.2.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.3.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.4.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 3.0.*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TXpert Hub CoreTec 5",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "CoreTec 5 version 3.0.*"
}
]
}
],
"datePublic": "2023-02-14T13:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\u003cdiv\u003e\u003cp\u003eA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAlready existing/established client-server connections are not affected.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eList of affected CPEs:\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "\n\n\nA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u00a0\n\nAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u00a0\n\n\n\n\nAlready existing/established client-server connections are not affected.\n\n\n\n\n\nList of affected CPEs:\n\n\n\n\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\n * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\n * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\n\n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-21T14:09:25.358Z",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nUpgrade the system once remediated version is available.\n\n\n\u003cbr\u003e"
}
],
"value": "\nUpgrade the system once remediated version is available.\n\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\u003cbr\u003e"
}
],
"value": "\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2022-3353",
"datePublished": "2023-02-21T13:50:46.145Z",
"dateReserved": "2022-09-28T12:22:08.645Z",
"dateUpdated": "2025-03-12T15:17:11.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3864 (GCVE-0-2022-3864)
Vulnerability from cvelistv5
Published
2024-01-04 09:31
Modified
2024-08-27 15:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation.
An attacker could exploit the vulnerability by first gaining access to
the system with security privileges and attempt to update the IED
with a malicious update package. Successful exploitation of this
vulnerability will cause the IED to restart, causing a temporary Denial of Service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hitachi Energy | Relion 670/650/SAM600-IO Series |
Version: Relion 670/650 series version 2.2.0 all revisions Version: Relion 670/650/SAM600-IO series version 2.2.1 all revisions Version: Relion 670 series version 2.2.2 all revisions Version: Relion 670 series version 2.2.3 all revisions Version: Relion 670/650 series version 2.2.4 all revisions Version: Relion 670/650 series version 2.2.5 all revisions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:20:59.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000146\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T15:19:29.961351Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T15:19:54.336Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Relion 670/650/SAM600-IO Series",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion 670/650 series version 2.2.0 all revisions"
},
{
"status": "affected",
"version": "Relion 670/650/SAM600-IO series version 2.2.1 all revisions"
},
{
"status": "affected",
"version": "Relion 670 series version 2.2.2 all revisions"
},
{
"status": "affected",
"version": "Relion 670 series version 2.2.3 all revisions"
},
{
"status": "affected",
"version": "Relion 670/650 series version 2.2.4 all revisions"
},
{
"status": "affected",
"version": "Relion 670/650 series version 2.2.5 all revisions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nA vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation.\nAn attacker could exploit the vulnerability by first gaining access to\nthe system with security privileges and attempt to update the IED\nwith a malicious update package. Successful exploitation of this\nvulnerability will cause the IED to restart, causing a temporary Denial of Service.\n\n"
}
],
"value": "\nA vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation.\nAn attacker could exploit the vulnerability by first gaining access to\nthe system with security privileges and attempt to update the IED\nwith a malicious update package. Successful exploitation of this\nvulnerability will cause the IED to restart, causing a temporary Denial of Service.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-186",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-186 Malicious Software Update"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-04T09:31:20.283Z",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000146\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2022-3864",
"datePublished": "2024-01-04T09:31:20.283Z",
"dateReserved": "2022-11-04T15:07:18.438Z",
"dateUpdated": "2024-08-27T15:19:54.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4518 (GCVE-0-2023-4518)
Vulnerability from cvelistv5
Published
2023-12-01 14:18
Modified
2024-09-23 12:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
A vulnerability exists in the input validation of the GOOSE
messages where out of range values received and processed
by the IED caused a reboot of the device. In order for an
attacker to exploit the vulnerability, goose receiving blocks need
to be configured.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hitachi Energy | Relion670 |
Version: Relion 670 series version 2.2.0 all revisions Version: Relion 670/650/SAM600-IO series version 2.2.1 all revisions Version: elion 670 series version 2.2.2 all revisions Version: Relion 670 series version 2.2.3 all revisions Version: Relion 670/650 series version 2.2.4 all revisions Version: Relion 670/650/SAM600-IO series version 2.2.5 all revisions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170\u0026languageCode=en\u0026Preview=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Relion670",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion 670 series version 2.2.0 all revisions"
},
{
"status": "affected",
"version": "Relion 670/650/SAM600-IO series version 2.2.1 all revisions"
},
{
"status": "affected",
"version": "elion 670 series version 2.2.2 all revisions"
},
{
"status": "affected",
"version": "Relion 670 series version 2.2.3 all revisions"
},
{
"status": "affected",
"version": "Relion 670/650 series version 2.2.4 all revisions"
},
{
"status": "affected",
"version": "Relion 670/650/SAM600-IO series version 2.2.5 all revisions"
}
]
}
],
"datePublic": "2023-11-28T13:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the input validation of the GOOSE \nmessages where out of range values received and processed \nby the IED caused a reboot of the device. In order for an \nattacker to exploit the vulnerability, goose receiving blocks need \nto be configured.\u0026nbsp;"
}
],
"value": "A vulnerability exists in the input validation of the GOOSE \nmessages where out of range values received and processed \nby the IED caused a reboot of the device. In order for an \nattacker to exploit the vulnerability, goose receiving blocks need \nto be configured."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T12:21:46.914Z",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170\u0026languageCode=en\u0026Preview=true"
}
],
"source": {
"advisory": "8DBD000170",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2023-4518",
"datePublished": "2023-12-01T14:18:47.387Z",
"dateReserved": "2023-08-24T12:58:41.362Z",
"dateUpdated": "2024-09-23T12:21:46.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}