CVE-2022-3864

A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and...

PT-2024-11614 · Red Lion · Relion

Name of the Vulnerable Software and Affected Versions: Relion affected versions not specified Description: A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart, resulting in a temporary Denial of Service. An attacker...

CVE-2023-4518

A vulnerability exists in the input validation of the GOOSE messages where out of range values received and processed by the IED caused a reboot of the device. In order for an attacker to exploit the vulnerability, goose receiving blocks need to be configured...

CVE-2022-2513

A vulnerability exists in the Intelligent Electronic Device IED Connectivity Package ConnPack credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An...

CVE-2022-2513 Cleartext Credentials Vulnerability on Hitachi Energy’s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products

A vulnerability exists in the Intelligent Electronic Device IED Connectivity Package ConnPack credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An...