Lucene search
Hitachi EnergyCVELIST:CVE-2022-3353HistoryFeb 21, 2023 - 1:50 p.m.
CVE-2022-3353 IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products
2023-02-2113:50:46
CWE-404
Hitachi Energy
www.cve.org
iec 61850
mms-server
hitachi energy
vulnerability
exploit
cpes
security advisory
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.005 Low
EPSS
Percentile
77.0%
A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.
An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.
Already existing/established client-server connections are not affected.
List of affected CPEs:
- cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:::::::*
- cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:::::::*
- cpe:2.3:a:hitachienergy:gms600:1.3.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.:::::::
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.:::::::
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.:::::::
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.:::::::
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::*
- cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:::::::*
- cpe:2.3:a:hitachienergy:mms:2.2.3:::::::*
- cpe:2.3:a:hitachienergy:pwc600:1.0:::::::*
- cpe:2.3:a:hitachienergy:pwc600:1.1:::::::*
- cpe:2.3:a:hitachienergy:pwc600:1.2:::::::*
- cpe:2.3:o:hitachienergy:reb500:7::::::::
- cpe:2.3:o:hitachienergy:reb500:8:::::::*
- cpe:2.3:o:hitachienergy:relion670:1.2.:::::::
- cpe:2.3:o:hitachienergy:relion670:2.0.:::::::
- cpe:2.3:o:hitachienergy:relion650:1.1.:::::::
- cpe:2.3:o:hitachienergy:relion650:1.3.:::::::
- cpe:2.3:o:hitachienergy:relion650:2.1.:::::::
- cpe:2.3:o:hitachienergy:relion670:2.1.:::::::
- cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:::::::*
- cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:::::::*
- cpe:2.3:o:hitachienergy:relion670:2.2.:::::::
- cpe:2.3:o:hitachienergy:relion650:2.2.:::::::
- cpe:2.3:o:hitachienergy:rtu500cmu:12..:::::::*
- cpe:2.3:a:hitachienergy:rtu500cmu:13..:::::::*
- cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.:::::::
- cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:::::::*
- cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "FOX61x TEGO1",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "unaffected",
"version": "tego1_r16a11"
},
{
"status": "affected",
"version": "tego1_r15b08"
},
{
"status": "affected",
"version": "tego1_r2a16_03"
},
{
"status": "affected",
"version": "tego1_r2a16"
},
{
"status": "affected",
"version": "tego1_r1e01"
},
{
"status": "affected",
"version": "tego1_r1d02"
},
{
"status": "affected",
"version": "tego1_r1c07"
},
{
"status": "affected",
"version": "tego1_r1b02"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GMS600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "GMS600 1.3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ITT600 SA Explorer",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "ITT600 SA Explorer 1.1.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.1.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.1.2"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.5.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.5.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.6.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.6.0.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.7.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.7.2"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 1.8.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.2"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.3"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.4.1"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.5.0"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.0.5.4"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.1.0.4"
},
{
"status": "affected",
"version": "ITT600 SA Explorer 2.1.0.5"
},
{
"status": "unaffected",
"version": "ITT600 SA Explorer 2.1.1.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MicroSCADA X SYS600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "SYS600 10"
},
{
"status": "affected",
"version": "SYS600 10.1"
},
{
"status": "affected",
"version": "SYS600 10.1.1"
},
{
"status": "affected",
"version": "SYS600 10.2"
},
{
"status": "affected",
"version": "SYS600 10.2.1"
},
{
"status": "affected",
"version": "SYS600 10.3"
},
{
"status": "affected",
"version": "SYS600 10.3.1"
},
{
"status": "affected",
"version": "SYS600 10.4"
},
{
"status": "unaffected",
"version": "SYS600 10.4.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSM",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "MSM 2.2.3;0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PWC600",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "PWC600 1.0"
},
{
"status": "affected",
"version": "PWC600 1.1"
},
{
"status": "affected",
"version": "PWC600 1.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "REB500",
"vendor": "Hitachi Energy",
"versions": [
{
"lessThan": "7.*",
"status": "affected",
"version": "REB500 7.0",
"versionType": "7.*"
},
{
"lessThan": "8.*",
"status": "affected",
"version": "REB500 8.0",
"versionType": "8.*"
},
{
"status": "unaffected",
"version": "REB500 8.3.3.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Relionยฎ 670",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion 670 1.2"
},
{
"status": "affected",
"version": "Relion 670 2.0"
},
{
"status": "affected",
"version": "Relion 670 version 2.1"
},
{
"status": "affected",
"version": "Relion 670 2.2.0"
},
{
"status": "affected",
"version": "Relion 670 2.2.1"
},
{
"status": "affected",
"version": "Relion 670 2.2.2"
},
{
"status": "affected",
"version": "Relion 670 2.2.3"
},
{
"status": "affected",
"version": "Relion 670 2.2.4"
},
{
"status": "affected",
"version": "Relion 670 2.2.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Relionยฎ 650",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion 650 1.1"
},
{
"status": "affected",
"version": "Relion 650 1.3"
},
{
"status": "affected",
"version": "Relion 650 2.1"
},
{
"status": "affected",
"version": "Relion 650 2.2.0"
},
{
"status": "affected",
"version": "Relion 650 2.2.1"
},
{
"status": "affected",
"version": "Relion 650 2.2.2"
},
{
"status": "affected",
"version": "Relion 650 2.2.3"
},
{
"status": "affected",
"version": "Relion 650 2.2.4"
},
{
"status": "affected",
"version": "Relion 650 2.2.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM600-IO",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "Relion SAM600-IO 2.2.1"
},
{
"status": "affected",
"version": "Relion SAM600-IO 2.2.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RTU500",
"vendor": "Hitachi Energy",
"versions": [
{
"lessThanOrEqual": "12.0.14",
"status": "affected",
"version": "RTU500 12.0.1",
"versionType": "12.0.14"
},
{
"status": "unaffected",
"version": "RTU500 12.0.15"
},
{
"lessThanOrEqual": "12.2.11",
"status": "affected",
"version": "RTU500 12.2.1",
"versionType": "12.2.11"
},
{
"status": "unaffected",
"version": "RTU500 12.2.12"
},
{
"lessThanOrEqual": "12.4.11",
"status": "affected",
"version": "RTU500 12.4.1",
"versionType": "12.4.11"
},
{
"status": "unaffected",
"version": "RTU500 12.4.12"
},
{
"lessThanOrEqual": "12.6.8",
"status": "affected",
"version": "RTU500 12.6.1",
"versionType": "12.6.8"
},
{
"status": "unaffected",
"version": "RTU500 12.6.9"
},
{
"lessThanOrEqual": "12.7.4",
"status": "affected",
"version": "RTU500 12.7.1",
"versionType": "12.7.4"
},
{
"status": "unaffected",
"version": "RTU500 12.7.5"
},
{
"lessThanOrEqual": "13.2.5",
"status": "affected",
"version": "RTU500 13.2.1",
"versionType": "13.2.5"
},
{
"status": "unaffected",
"version": "RTU500 13.2.6"
},
{
"lessThanOrEqual": "13.3.3",
"status": "affected",
"version": "RTU500 13.3.1",
"versionType": "13.3.3"
},
{
"status": "unaffected",
"version": "RTU500 13.3.4"
},
{
"status": "affected",
"version": "RTU500 13.4.1"
},
{
"status": "unaffected",
"version": "RTU500 13.4.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TXpert Hub CoreTec 4",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "CoreTec 4 version 2.0.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.1.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.2.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.3.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 2.4.*"
},
{
"status": "affected",
"version": "CoreTec 4 version 3.0.*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TXpert Hub CoreTec 5",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "CoreTec 5 version 3.0.*"
}
]
}
]References
search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch
search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch
Related
nessus
nessus
ics
ics
Hitachi Energy IEC 61850 MMS-Server
2023-03-30 12:00:00
cve
cve
CVE-2022-3353
2023-02-21 14:15:13
prion
prion
Code injection
2023-02-21 14:15:00
nvd
nvd
CVE-2022-3353
2023-02-21 14:15:13
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.005 Low
EPSS
Percentile
77.0%
Related for CVELIST:CVE-2022-3353