← Back

CVE-2022-3353

nvd nist
Published: Feb 21, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.  An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.  Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*

Affected (62)

Hitachienergy
13 products
Sys600 Firmware
Rtu500 Firmware
Reb500 Firmware
Pwc600 Firmware
Modular Switchgear Monitoring Firmware
Itt600 Sa Explorer
Relion Sam600 Io Firmware
Relion 650 Firmware
Relion 670 Firmware
Gms600 Firmware
Fox615 Tego1 Firmware
Txpert Hub Coretec 4 Firmware
Txpert Hub Coretec 5 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sys600 Firmware
From 10.1 to 10.3.1
Running on/withPlatform Versions
Hitachienergy
Sys600
All versions
Configuration B
8 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hitachienergy
Rtu500 Firmware
From 12.0.1.0 to 12.0.14.0
Rtu500 Firmware
From 12.2.1.0 to 12.2.11.0
Rtu500 Firmware
From 12.4.1.0 to 12.4.11.0
Rtu500 Firmware
From 12.6.1.0 to 12.6.8.0
Rtu500 Firmware
From 12.7.1.0 to 12.7.4.0
Rtu500 Firmware
From 13.2.1.0 to 13.2.5.0
Rtu500 Firmware
From 13.3.1 to 13.3.3
Rtu500 Firmware
Version 13.4.1
Running on/withPlatform Versions
Hitachienergy
Rtu500
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Reb500 Firmware
From 7.0 to 8.3.3
Running on/withPlatform Versions
Hitachienergy
Reb500
All versions
Configuration D
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hitachienergy
Pwc600 Firmware
Version 1.0
Pwc600 Firmware
Version 1.1
Pwc600 Firmware
Version 1.2
Running on/withPlatform Versions
Hitachienergy
Pwc600
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Modular Switchgear Monitoring Firmware
Up to 2.2.3
Running on/withPlatform Versions
Hitachienergy
Modular Switchgear Monitoring
All versions
Configuration F
18 vulnerable
Vulnerable SoftwareAffected Versions
Hitachienergy
Itt600 Sa Explorer
Version 1.1.0
Itt600 Sa Explorer
Version 1.1.1
Itt600 Sa Explorer
Version 1.1.2
Itt600 Sa Explorer
Version 1.5.0
Itt600 Sa Explorer
Version 1.5.1
Itt600 Sa Explorer
Version 1.6.0.1
Itt600 Sa Explorer
Version 1.6.0
Itt600 Sa Explorer
Version 1.7.0
Itt600 Sa Explorer
Version 1.7.2
Itt600 Sa Explorer
Version 1.8.0
Itt600 Sa Explorer
Version 2.0.1
Itt600 Sa Explorer
Version 2.0.2
Itt600 Sa Explorer
Version 2.0.3
Itt600 Sa Explorer
Version 2.0.4.1
Itt600 Sa Explorer
Version 2.0.5.0
Itt600 Sa Explorer
Version 2.0.5.4
Itt600 Sa Explorer
Version 2.1.0.4
Itt600 Sa Explorer
Version 2.1.0.5
Configuration G
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hitachienergy
Relion Sam600 Io Firmware
Version 2.2.1
Relion Sam600 Io Firmware
Version 2.2.5
Running on/withPlatform Versions
Hitachienergy
Relion Sam600 Io
All versions
Configuration H
9 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hitachienergy
Relion 650 Firmware
Version 1.1
Relion 650 Firmware
Version 1.3
Relion 650 Firmware
Version 2.1
Relion 650 Firmware
Version 2.2.0
Relion 650 Firmware
Version 2.2.1
Relion 650 Firmware
Version 2.2.2
Relion 650 Firmware
Version 2.2.3
Relion 650 Firmware
Version 2.2.4
Relion 650 Firmware
Version 2.2.5
Running on/withPlatform Versions
Hitachienergy
Relion 650
All versions
Configuration I
9 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hitachienergy
Relion 670 Firmware
Version 1.2
Relion 670 Firmware
Version 2.0
Relion 670 Firmware
Version 2.1
Relion 670 Firmware
Version 2.2.0
Relion 670 Firmware
Version 2.2.1
Relion 670 Firmware
Version 2.2.2
Relion 670 Firmware
Version 2.2.3
Relion 670 Firmware
Version 2.2.4
Relion 670 Firmware
Version 2.2.5
Running on/withPlatform Versions
Hitachienergy
Relion 670
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gms600 Firmware
Version 1.3.0
Running on/withPlatform Versions
Hitachienergy
Gms600
All versions
Configuration K
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hitachienergy
Fox615 Tego1 Firmware
Version r15b08
Fox615 Tego1 Firmware
Version r1b02
Fox615 Tego1 Firmware
Version r1c07
Fox615 Tego1 Firmware
Version r1d02
Fox615 Tego1 Firmware
Version r1e01
Fox615 Tego1 Firmware
Version r2b16
Fox615 Tego1 Firmware
Version r2b16_03
Running on/withPlatform Versions
Hitachienergy
Fox615 Tego1
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Txpert Hub Coretec 4 Firmware
From 2.0.0 to 3.0.0
Running on/withPlatform Versions
Hitachienergy
Txpert Hub Coretec 4
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Txpert Hub Coretec 5 Firmware
Version 3.0.0
Running on/withPlatform Versions
Hitachienergy
Txpert Hub Coretec 5
All versions

Related CWEs

CWE-404
Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.

References (20)

Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: cybersecurity@hitachienergy.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.