CVE-2022-3353 - OpenCVE

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Hitachienergy	Relion Sam600-io Firmware Fox615 Tego1 Txpert Hub Coretec 4 Firmware Txpert Hub Coretec 5 Itt600 Sa Explorer Sys600 Firmware Relion 650 Firmware Rtu500 Firmware Relion 670 Relion 650 Pwc600 Firmware Reb500 Firmware Gms600 Gms600 Firmware Modular Switchgear Monitoring Firmware Txpert Hub Coretec 4 Pwc600 Rtu500 Reb500 Relion Sam600-io Sys600 Txpert Hub Coretec 5 Firmware Modular Switchgear Monitoring Fox615 Tego1 Firmware Relion 670 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hitachienergy:sys600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:sys600:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1:::::::*

cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:hitachienergy:pwc600_firmware:1.0:::::::*
	cpe:2.3:o:hitachienergy:pwc600_firmware:1.1:::::::*
	cpe:2.3:o:hitachienergy:pwc600_firmware:1.2:::::::*

cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:*

Configuration 6 [-]

OR	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.2:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.2:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.3:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.4.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.4:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::*

Configuration 7 [-]

AND

OR	cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.5:::::::*

cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

OR	cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:1.3:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.2:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.3:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:::::::*

cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

OR	cpe:2.3:o:hitachienergy:relion_670_firmware:1.2:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.0:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:::::::*

cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hitachienergy:gms600_firmware:1.3.0:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1b02:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1c07:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1d02:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1e01:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16_03:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r15b08:::::::*

cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hitachienergy:txpert_hub_coretec_5_firmware:3.0.0:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:txpert_hub_coretec_5:-:*:*:*:*:*:*:*

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory