Lucene search

[email protected]CVE-2021-22283

HistoryFeb 28, 2023 - 5:15 a.m.

CVE-2021-22283

2023-02-2805:15:12

CWE-665

[email protected]

web.nvd.nist.gov

cve-2021-22283

abb relion

protection relays

vulnerability

initialization

communication channel manipulation

nvd

security advisory

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays - 611 series: from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2.

Affected configurations

NVD

Node

abbsmu615_firmwareRange<1.0.2

AND

abbsmu615Match-

Node

abbrec615_firmwareRange<2.0.3

AND

abbrec615Match-

Node

abbrer615_firmwareRange<2.0.3

AND

abbrer615Match-

Node

abbevd4_firmware

AND

abbevd4Match-

Node

abbref615r_firmware

AND

abbref615rMatch-

Node

abbrex640_pcl3_firmwareRange<1.2.1

AND

abbrex640_pcl3Match-

Node

abbrex640_pcl2_firmwareRange<1.1.4

AND

abbrex640_pcl2Match-

Node

abbrex640_pcl1Match-

AND

abbrex640_pcl1_firmwareRange<1.0.8

Node

abbrer620Match-

AND

abbrer620_firmware

Node

abbrelion_611Match-

AND

abbrelion_611_firmwareRange<2.0.3

Node

abbref615_iecMatch1.0

AND

abbref615_iec_firmware

Node

abbref615_ansiMatch1.0

AND

abbref615_ansi_firmware

Node

abbref615_iecMatch1.1

AND

abbref615_iec_firmware

Node

abbred615_iecMatch1.1

AND

abbred615_iec_firmware

Node

abbref615_ansiMatch1.1

AND

abbref615_ansi_firmware

Node

abbrelion_615_iec_firmware

AND

abbrelion_615_iecMatch2.0

abbrelion_615_iecMatch3.0

abbrelion_615_iecMatch4.0-

Node

abbrelion_615_cn_firmware

AND

abbrelion_615_cnMatch2.0

abbrelion_615_cnMatch3.0

abbrelion_615_cnMatch3.1

abbrelion_615_cnMatch4.0-

abbrelion_615_cnMatch5.0fp1

Node

abbrelion_615_ansi_firmware

AND

abbrelion_615_ansiMatch2.0

abbrelion_615_ansiMatch4.0-

abbrelion_615_ansiMatch4.0fp1

abbrelion_615_ansiMatch4.0fp2

abbrelion_615_ansiMatch5.0fp1

Node

abbrelion_615_iec_firmwareRange<4.1.9

AND

abbrelion_615_iecMatch4.0fp1

Node

abbrelion_615_cn_firmwareRange<4.1.8

AND

abbrelion_615_cnMatch4.0fp1

Node

abbrelion_615_iec_firmwareRange<5.0.12

AND

abbrelion_615_iecMatch5.0-

Node

abbrelion_615_iec_firmwareRange<5.1.20

AND

abbrelion_615_iecMatch5.0fp1

Node

abbrelion_620_iec_firmwareRange<2.0.11

AND

abbrelion_620_iecMatch2.0-

Node

abbrelion_620_cn_firmwareRange<2.0.11

AND

abbrelion_620_cnMatch2.0-

Node

abbrelion_620_ansi_firmware

AND

abbrelion_620_ansiMatch-

Node

abbrelion_620_iec_firmwareRange<2.1.15

AND

abbrelion_620_iecMatch2.0fp1

Node

abbrelion_620_cn_firmwareRange<2.1.15

AND

abbrelion_620_cnMatch2.0fp1

CPENameOperatorVersion
abb:smu615_firmwareabb smu615 firmwarelt1.0.2

CPE	Name	Operator	Version
abb:smu615_firmware	abb smu615 firmware	lt	1.0.2

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 611 series",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "2.0.3",
        "status": "affected",
        "version": "1.0.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 615 series IEC 4.0 FP1",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": " 4.1.9",
        "status": "affected",
        "version": "4.1.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 615 series CN 4.0 FP1",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "4.1.8",
        "status": "affected",
        "version": "4.1.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 615 series IEC 5.0",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "5.0.12",
        "status": "affected",
        "version": "5.0.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 615 series IEC 5.0 FP1",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "5.1.20",
        "status": "affected",
        "version": "5.1.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 620 series IEC/CN 2.0",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "2.0.11",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - 620 series IEC/CN 2.0 FP1",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "2.1.15",
        "status": "affected",
        "version": "2.1.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - REX640 PCL1",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "1.0.8",
        "status": "affected",
        "version": "1.0.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - REX640 PCL2",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "1.1.4",
        "status": "affected",
        "version": "1.1.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - REX640 PCL3",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "1.2.1",
        "status": "affected",
        "version": "1.2.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Relion protection relays - RER615",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "2.0.3",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Remote Monitoring and Control - REC615",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "2.0.3",
        "status": "affected",
        "version": "1.0.0",
        "versionType": "firmware"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Merging Unit- SMU615",
    "vendor": "ABB",
    "versions": [
      {
        "lessThan": "1.0.2",
        "status": "affected",
        "version": "1.0.0",
        "versionType": "firmware"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2NGA001147&LanguageCode=en&DocumentPartId=&Action=Launch

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2021-22283

nessus1 prion1 cvelist1 nvd1