Relion 670 Firmware Security Vulnerabilities and Issues — Relion 670 Firmware CVE List

Lucene search

HitachienergyRelion 670 Firmware

8 matches found

CVE•added 2021/06/14 10:15 p.m.•60 views

CVE-2021-27196

Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce th...

7.5CVSS7.5AI score0.01045EPSS

CVE•added 2021/11/18 4:15 p.m.•51 views

CVE-2021-35535

Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process wh...

8.1CVSS7.9AI score0.00308EPSS

CVE•added 2019/11/27 11:15 p.m.•47 views

CVE-2019-18253

An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.

10CVSS9AI score0.00394EPSS

CVE•added 2019/11/27 11:15 p.m.•46 views

CVE-2019-18247

An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service.

7.8CVSS7.4AI score0.00411EPSS

CVE•added 2021/11/18 5:15 p.m.•44 views

CVE-2021-35534

Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database ...

9CVSS6.9AI score0.0018EPSS

CVE•added 2023/02/21 2:15 p.m.•43 views

CVE-2022-3353

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. ...

7.5CVSS6.4AI score0.0034EPSS

CVE•added 2024/01/04 10:15 a.m.•37 views

CVE-2022-3864

A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation.An attacker could exploit the vulnerability by first gaining access tothe system with security privileges and atte...

4.5CVSS4.6AI score0.00047EPSS

CVE•added 2023/12/01 3:15 p.m.•32 views

CVE-2023-4518

A vulnerability exists in the input validation of the GOOSEmessages where out of range values received and processedby the IED caused a reboot of the device. In order for anattacker to exploit the vulnerability, goose receiving blocks needto be configured.

7.5CVSS6.9AI score0.00108EPSS