Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_ABB_CVE-2021-22283.NASL
HistoryMar 14, 2023 - 12:00 a.m.

ABB SMU615 Improper Initialization (CVE-2021-22283)

2023-03-1400:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
abb
relion
protection relays
vulnerability
improper initialization
communication channel manipulation
cve-2021-22283
iec 4.0
cn 4.0
iec 5.0
software version
remote monitoring and control
merging unit
tenable.ot
scanner

0.0004 Low

EPSS

Percentile

9.2%

JSON

Improper Initialization vulnerability in ABB Relion protection relays

  • 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays - 611 series:
    from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3;
    Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3;
    Merging Unit- SMU615: from 1.0.0 before 1.0.2.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500883);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/20");

  script_cve_id("CVE-2021-22283");

  script_name(english:"ABB SMU615 Improper Initialization (CVE-2021-22283)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Improper Initialization vulnerability in ABB Relion protection relays
- 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1,
ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion
protection relays - 615 series IEC 5.0, ABB Relion protection relays -
615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series
IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1,
ABB Relion protection relays - REX640 PCL1, ABB Relion protection
relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB
Relion protection relays - RER615, ABB Remote Monitoring and Control -
REC615, ABB Merging Unit- SMU615 allows Communication Channel
Manipulation.This issue affects Relion protection relays - 611 series:
from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0
FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN
4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615
series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays -
615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection
relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion
protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before
2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before
1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before
1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before
1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3;
Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3;
Merging Unit- SMU615: from 1.0.0 before 1.0.2.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://search.abb.com/library/Download.aspx?DocumentID=2NGA001147&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8ce2bef6");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-22283");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(665);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/02/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/14");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:rec615_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:red615_iec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:ref615_ansi_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:ref615_iec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:ref615r_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_611_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_615_ansi_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_615_cn_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_615_cn_firmware:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_615_iec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_615_iec_firmware:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_615_iec_firmware:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_620_ansi_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_620_cn_firmware:2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:relion_620_iec_firmware:2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:rer615_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:rer620_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:rex640_pcl1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:rex640_pcl2_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:rex640_pcl3_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/ABB");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/ABB');

var asset = tenable_ot::assets::get(vendor:'ABB');

var vuln_cpes = {
    "cpe:/o:abb:rec615_firmware" :
        {"versionEndExcluding" : "2.0.3", "family" : "AbbRelion"},
    "cpe:/o:abb:rer615_firmware" :
        {"versionEndExcluding" : "2.0.3", "family" : "AbbRelion"},
    "cpe:/o:abb:ref615r_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:rex640_pcl3_firmware" :
        {"versionEndExcluding" : "1.2.1", "family" : "AbbRelion"},
    "cpe:/o:abb:rex640_pcl2_firmware" :
        {"versionEndExcluding" : "1.1.4", "family" : "AbbRelion"},
    "cpe:/o:abb:rex640_pcl1_firmware" :
        {"versionEndExcluding" : "1.0.8", "family" : "AbbRelion"},
    "cpe:/o:abb:rer620_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:relion_611_firmware" :
        {"versionEndExcluding" : "2.0.3", "family" : "AbbRelion"},
    "cpe:/o:abb:ref615_iec_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:ref615_ansi_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:ref615_iec_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:red615_iec_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:ref615_ansi_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_iec_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_cn_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_ansi_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_iec_firmware:4" :
        {"versionEndExcluding" : "4.1.9", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_cn_firmware:4" :
        {"versionEndExcluding" : "4.1.8", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_iec_firmware:5" :
        {"versionEndExcluding" : "5.0.12", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_615_iec_firmware:5" :
        {"versionEndExcluding" : "5.1.20", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_620_iec_firmware:2" :
        {"versionEndExcluding" : "2.0.11", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_620_cn_firmware:2" :
        {"versionEndExcluding" : "2.0.11", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_620_ansi_firmware" :
        {"family" : "AbbRelion"},
    "cpe:/o:abb:relion_620_iec_firmware:2" :
        {"versionEndExcluding" : "2.1.15", "family" : "AbbRelion"},
    "cpe:/o:abb:relion_620_cn_firmware:2" :
        {"versionEndExcluding" : "2.1.15", "family" : "AbbRelion"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
abbrex640_pcl1_firmwarecpe:/o:abb:rex640_pcl1_firmware
abbrex640_pcl2_firmwarecpe:/o:abb:rex640_pcl2_firmware
abbrex640_pcl3_firmwarecpe:/o:abb:rex640_pcl3_firmware
abbrec615_firmwarecpe:/o:abb:rec615_firmware
abbred615_iec_firmwarecpe:/o:abb:red615_iec_firmware
abbref615_ansi_firmwarecpe:/o:abb:ref615_ansi_firmware
abbref615_iec_firmwarecpe:/o:abb:ref615_iec_firmware
abbref615r_firmwarecpe:/o:abb:ref615r_firmware
abbrelion_611_firmwarecpe:/o:abb:relion_611_firmware
abbrelion_615_ansi_firmwarecpe:/o:abb:relion_615_ansi_firmware
Rows per page:
1-10 of 201

Related

cve 1
prion 1
cvelist 1
nvd 1
cve
cve
CVE-2021-22283
2023-02-28 05:15:12
prion
prion
Input validation
2023-02-28 05:15:00
cvelist
cvelist
CVE-2021-22283 MMS File Transfer Vulnerability impact on Distribution Automation products
2023-02-28 04:21:41
nvd
nvd
CVE-2021-22283
2023-02-28 05:15:12

0.0004 Low

EPSS

Percentile

9.2%

JSON
Related for TENABLE_OT_ABB_CVE-2021-22283.NASL
cve1prion1cvelist1nvd1