CVE-2022-3353
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
76.9%
A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.
An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.
Already existing/established client-server connections are not affected.
List of affected CPEs:
- cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:::::::*
- cpe:2.3:a:hitachienergy:gms600:1.3.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.:::::::
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.:::::::
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.:::::::
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.:::::::
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:::::::*
- cpe:2.3:a:hitachienergy:mms:2.2.3:::::::*
- cpe:2.3:a:hitachienergy:pwc600:1.0:::::::*
- cpe:2.3:a:hitachienergy:pwc600:1.1:::::::*
- cpe:2.3:a:hitachienergy:pwc600:1.2:::::::*
- cpe:2.3:o:hitachienergy:reb500:7::::::::
- cpe:2.3:o:hitachienergy:reb500:8:::::::*
- cpe:2.3:o:hitachienergy:relion670:1.2.:::::::
- cpe:2.3:o:hitachienergy:relion670:2.0.:::::::
- cpe:2.3:o:hitachienergy:relion650:1.1.:::::::
- cpe:2.3:o:hitachienergy:relion650:1.3.:::::::
- cpe:2.3:o:hitachienergy:relion650:2.1.:::::::
- cpe:2.3:o:hitachienergy:relion670:2.1.:::::::
- cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:::::::*
- cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:::::::*
- cpe:2.3:o:hitachienergy:relion670:2.2.:::::::
- cpe:2.3:o:hitachienergy:relion650:2.2.:::::::
- cpe:2.3:o:hitachienergy:rtu500cmu:12..:::::::*
- cpe:2.3:a:hitachienergy:rtu500cmu:13..:::::::*
- cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.:::::::
- cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:::::::*
- cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*
| CPE | Name | Operator | Version |
|---|---|---|---|
| hitachienergy:sys600_firmware | hitachienergy sys600 firmware | le | 10.3.1 |
References
search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
76.9%