Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_ABB_CVE-2022-3353.NASL
HistoryMar 29, 2023 - 12:00 a.m.

Hitachi Energy IEC 61850 MMS-Server Improper Resource Shutdown or Release (CVE-2022-3353)

2023-03-2900:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
iec 61850 mms-server
hitachi energy
improper resource shutdown
cve-2022-3353
ot asset
vulnerability
tenable.ot

0.005 Low

EPSS

Percentile

77.0%

JSON

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500950);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2022-3353");

  script_name(english:"Hitachi Energy IEC 61850 MMS-Server Improper Resource Shutdown or Release (CVE-2022-3353)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability exists in the IEC 61850 communication stack that
affects multiple Hitachi Energy products. An attacker could exploit
the vulnerability by using a specially crafted message sequence, to
force the IEC 61850 MMS-server communication stack, to stop accepting
new MMS-client connections. Already existing/established client-server
connections are not affected.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e76e8426");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?28abac17");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8f3dd03c");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7be62474");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d81889dd");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5afe1348");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e9e7f106");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-089-01");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bb4b3669");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9b3a949b");
  # https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2647439b");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Hitachi Energy provided updates for the following products. Contact Hitachi Energy for update information.

- MSM Server update to version 2.2.5
- tego1_r15b08 (FOX615 System Release R15B) update to tego1_r16a11 (FOX615 System Release R16A)
- REB500 all V8.x versions update to REB500 firmware to version 8.3.3.0 when released.
- RTU500 series CMU Firmware version 12.0.1 to 12.0.14 Update to CMU Firmware version 12.0.15
- RTU500 series CMU Firmware version 12.2.1 to 12.2.11 Update to CMU Firmware version 12.2.12
- RTU500 series CMU Firmware version 12.4.1 to 12.4.11 Update to CMU Firmware version 12.4.12
- RTU500 series CMU Firmware version 12.6.1 to 12.6.8 Update to CMU Firmware version 12.6.9
- RTU500 series CMU Firmware version 12.7.1 to 12.7.4 Update to CMU Firmware version 12.7.5
- RTU500 series CMU Firmware version 13.2.1 to 13.2.5 Update to CMU Firmware version 13.2.6
- RTU500 series CMU Firmware version 13.3.1 to 13.3.3 Update to CMU Firmware version 13.3.4
- RTU500 series CMU Firmware version 13.4.1 Update to CMU Firmware version 13.4.2
- SYS600 version 10.1 to 10.3.1 update to SYS600 version 10.4.1

For all versions, Hitachi Energy recommends that users apply these general mitigation factors: 

- Upgrade the system once a remediated version is available.
- Apply Hitachi Energy recommended security practices and firewall configurations to help protect a process control
network from attacks that originate from outside the network. Such practices include:
    - Physically protecting process control systems from direct access by unauthorized personnel.
    - Not allowing direct connections to the internet. 
        - Process control systems should not be used for internet surfing, instant messaging, or receiving emails.
    - Use a firewall system that has a minimal number of exposed ports to separate the process control network from
other networks.
        - Connection to other networks must be evaluated as necessary.
    - Scan portable computers and removable storage media carefully for viruses before connection to a control system.
- MSM is not designed nor intended to be connected to the internet. Disconnect the device from any internet facing
network.
    - Adopt user access management and updated antivirus protection engines equipped with the latest signature rules for
computers that have installed and are operating the MMS Client application.
    - Use the default operating system (OS) user access management function to limit unauthorized access and/or rogue
commands via the MMS Client application.

For more information, see the Hitachi Energy advisories for the corresponding affected products:");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-3353");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(404);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/02/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/29");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:reb500_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.2.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.2.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.2.4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_650_firmware:2.2.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:1.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.2.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.2.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.2.4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_670_firmware:2.2.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_sam600-io_firmware:2.2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hitachienergy:relion_sam600-io_firmware:2.2.5");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/ABB");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/ABB');

var asset = tenable_ot::assets::get(vendor:'ABB');

var vuln_cpes = {
    "cpe:/o:abb:rtu500_firmware:12.0" :
        {"versionEndIncluding" : "12.0.14.0", "versionStartIncluding" : "12.0.1.0", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:12.2" :
        {"versionEndIncluding" : "12.2.11.0", "versionStartIncluding" : "12.2.1.0", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:12.4" :
        {"versionEndIncluding" : "12.4.11.0", "versionStartIncluding" : "12.4.1.0", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:12.6" :
        {"versionEndIncluding" : "12.6.8.0", "versionStartIncluding" : "12.6.1.0", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:12.7" :
        {"versionEndIncluding" : "12.7.4.0", "versionStartIncluding" : "12.7.1.0", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:13.2" :
        {"versionEndIncluding" : "13.2.5.0", "versionStartIncluding" : "13.2.1.0", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:13.3" :
        {"versionEndIncluding" : "13.3.3", "versionStartIncluding" : "13.3.1", "family" : "AbbRTU500"},
    "cpe:/o:abb:rtu500_firmware:13.4.1" :
        {"versionEndIncluding" : "13.4.1", "versionStartIncluding" : "13.4.1", "family" : "AbbRTU500"},
    "cpe:/o:hitachienergy:reb500_firmware" :
        {"versionEndExcluding" : "8.3.3", "versionStartIncluding" : "7.0", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_sam600-io_firmware:2.2.1" :
        {"versionEndIncluding" : "2.2.1", "versionStartIncluding" : "2.2.1", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_sam600-io_firmware:2.2.5" :
        {"versionEndIncluding" : "2.2.5", "versionStartIncluding" : "2.2.5", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.1" :
        {"versionEndIncluding" : "2.1", "versionStartIncluding" : "2.1", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.2.0" :
        {"versionEndIncluding" : "2.2.0", "versionStartIncluding" : "2.2.0", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.2.1" :
        {"versionEndIncluding" : "2.2.1", "versionStartIncluding" : "2.2.1", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.2.2" :
        {"versionEndIncluding" : "2.2.2", "versionStartIncluding" : "2.2.2", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.2.3" :
        {"versionEndIncluding" : "2.2.3", "versionStartIncluding" : "2.2.3", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.2.4" :
        {"versionEndIncluding" : "2.2.4", "versionStartIncluding" : "2.2.4", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_650_firmware:2.2.5" :
        {"versionEndIncluding" : "2.2.5", "versionStartIncluding" : "2.2.5", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:1.2" :
        {"versionEndIncluding" : "1.2", "versionStartIncluding" : "1.2", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.0" :
        {"versionEndIncluding" : "2.0", "versionStartIncluding" : "2.0", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.1" :
        {"versionEndIncluding" : "2.1", "versionStartIncluding" : "2.1", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.2.0" :
        {"versionEndIncluding" : "2.2.0", "versionStartIncluding" : "2.2.0", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.2.1" :
        {"versionEndIncluding" : "2.2.1", "versionStartIncluding" : "2.2.1", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.2.2" :
        {"versionEndIncluding" : "2.2.2", "versionStartIncluding" : "2.2.2", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.2.3" :
        {"versionEndIncluding" : "2.2.3", "versionStartIncluding" : "2.2.3", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.2.4" :
        {"versionEndIncluding" : "2.2.4", "versionStartIncluding" : "2.2.4", "family" : "AbbRelion"},
    "cpe:/o:hitachienergy:relion_670_firmware:2.2.5" :
        {"versionEndIncluding" : "2.2.5", "versionStartIncluding" : "2.2.5", "family" : "AbbRelion"},
    "cpe:/o:abb:fox615_tego1_firmware:r1b02" :
        {"versionEndIncluding" : "r1b02", "versionStartIncluding" : "r1b02", "family" : "AbbFox"},
    "cpe:/o:abb:fox615_tego1_firmware:r1c07" :
        {"versionEndIncluding" : "r1c07", "versionStartIncluding" : "r1c07", "family" : "AbbFox"},
    "cpe:/o:abb:fox615_tego1_firmware:r1d02" :
        {"versionEndIncluding" : "r1d02", "versionStartIncluding" : "r1d02", "family" : "AbbFox"},
    "cpe:/o:abb:fox615_tego1_firmware:r1e01" :
        {"versionEndIncluding" : "r1e01", "versionStartIncluding" : "r1e01", "family" : "AbbFox"},
    "cpe:/o:abb:fox615_tego1_firmware:r2b16" :
        {"versionEndIncluding" : "r2b16", "versionStartIncluding" : "r2b16", "family" : "AbbFox"},
    "cpe:/o:abb:fox615_tego1_firmware:r2b16_03" :
        {"versionEndIncluding" : "r2b16_03", "versionStartIncluding" : "r2b16_03", "family" : "AbbFox"},
    "cpe:/o:abb:fox615_tego1_firmware:r15b08" :
        {"versionEndIncluding" : "r15b08", "versionStartIncluding" : "r15b08", "family" : "AbbFox"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
VendorProductVersionCPE
hitachienergyreb500_firmwarecpe:/o:hitachienergy:reb500_firmware
hitachienergyrelion_650_firmware1.1cpe:/o:hitachienergy:relion_650_firmware:1.1
hitachienergyrelion_650_firmware1.3cpe:/o:hitachienergy:relion_650_firmware:1.3
hitachienergyrelion_650_firmware2.1cpe:/o:hitachienergy:relion_650_firmware:2.1
hitachienergyrelion_650_firmware2.2.0cpe:/o:hitachienergy:relion_650_firmware:2.2.0
hitachienergyrelion_650_firmware2.2.1cpe:/o:hitachienergy:relion_650_firmware:2.2.1
hitachienergyrelion_650_firmware2.2.2cpe:/o:hitachienergy:relion_650_firmware:2.2.2
hitachienergyrelion_650_firmware2.2.3cpe:/o:hitachienergy:relion_650_firmware:2.2.3
hitachienergyrelion_650_firmware2.2.4cpe:/o:hitachienergy:relion_650_firmware:2.2.4
hitachienergyrelion_650_firmware2.2.5cpe:/o:hitachienergy:relion_650_firmware:2.2.5
Rows per page:
1-10 of 211

Related

cvelist 1
ics 1
nvd 1
prion 1
cve 1
cvelist
cvelist
CVE-2022-3353 IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products
2023-02-21 13:50:46
ics
ics
Hitachi Energy IEC 61850 MMS-Server
2023-03-30 12:00:00
nvd
nvd
CVE-2022-3353
2023-02-21 14:15:13
prion
prion
Code injection
2023-02-21 14:15:00
cve
cve
CVE-2022-3353
2023-02-21 14:15:13

0.005 Low

EPSS

Percentile

77.0%

JSON
Related for TENABLE_OT_ABB_CVE-2022-3353.NASL
cvelist1ics1nvd1prion1cve1