Lucene search

[email protected]NVD:CVE-2022-3353

HistoryFeb 21, 2023 - 2:15 p.m.

CVE-2022-3353

2023-02-2114:15:13

CWE-404

[email protected]

web.nvd.nist.gov

iec 61850 communication stack

hitachi energy

vulnerability

cpes affected

iec 61850 mms-server

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.0%

JSON

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.

An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.

Already existing/established client-server connections are not affected.

List of affected CPEs:

cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:::::::*
cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:::::::*
cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:::::::*
cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:::::::*
cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:::::::*
cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:::::::*
cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:::::::*
cpe:2.3:a:hitachienergy:gms600:1.3.0:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.:::::::
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.:::::::
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.:::::::
cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::*
cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.:::::::
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::*
cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:::::::*
cpe:2.3:a:hitachienergy:mms:2.2.3:::::::*
cpe:2.3:a:hitachienergy:pwc600:1.0:::::::*
cpe:2.3:a:hitachienergy:pwc600:1.1:::::::*
cpe:2.3:a:hitachienergy:pwc600:1.2:::::::*
cpe:2.3:o:hitachienergy:reb500:7::::::::
cpe:2.3:o:hitachienergy:reb500:8:::::::*
cpe:2.3:o:hitachienergy:relion670:1.2.:::::::
cpe:2.3:o:hitachienergy:relion670:2.0.:::::::
cpe:2.3:o:hitachienergy:relion650:1.1.:::::::
cpe:2.3:o:hitachienergy:relion650:1.3.:::::::
cpe:2.3:o:hitachienergy:relion650:2.1.:::::::
cpe:2.3:o:hitachienergy:relion670:2.1.:::::::
cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:::::::*
cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:::::::*
cpe:2.3:o:hitachienergy:relion670:2.2.:::::::
cpe:2.3:o:hitachienergy:relion650:2.2.:::::::
cpe:2.3:o:hitachienergy:rtu500cmu:12..:::::::*
cpe:2.3:a:hitachienergy:rtu500cmu:13..:::::::*
cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.:::::::
cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:::::::*
cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*

Affected configurations

NVD

Node

hitachienergysys600_firmwareRange10.1–10.3.1

AND

hitachienergysys600Match-

Node

hitachienergyrtu500_firmwareRange12.0.1.0–12.0.14.0

hitachienergyrtu500_firmwareRange12.2.1.0–12.2.11.0

hitachienergyrtu500_firmwareRange12.4.1.0–12.4.11.0

hitachienergyrtu500_firmwareRange12.6.1.0–12.6.8.0

hitachienergyrtu500_firmwareRange12.7.1.0–12.7.4.0

hitachienergyrtu500_firmwareRange13.2.1.0–13.2.5.0

hitachienergyrtu500_firmwareRange13.3.1–13.3.3

hitachienergyrtu500_firmwareMatch13.4.1

AND

hitachienergyrtu500Match-

Node

hitachienergyreb500_firmwareRange7.0–8.3.3

AND

hitachienergyreb500Match-

Node

hitachienergypwc600_firmwareMatch1.0

hitachienergypwc600_firmwareMatch1.1

hitachienergypwc600_firmwareMatch1.2

AND

hitachienergypwc600Match-

Node

hitachienergymodular_switchgear_monitoring_firmwareRange≤2.2.3

AND

hitachienergymodular_switchgear_monitoringMatch-

Node

hitachienergyitt600_sa_explorerMatch1.1.0

hitachienergyitt600_sa_explorerMatch1.1.1

hitachienergyitt600_sa_explorerMatch1.1.2

hitachienergyitt600_sa_explorerMatch1.5.0

hitachienergyitt600_sa_explorerMatch1.5.1

hitachienergyitt600_sa_explorerMatch1.6.0

hitachienergyitt600_sa_explorerMatch1.6.0.1

hitachienergyitt600_sa_explorerMatch1.7.0

hitachienergyitt600_sa_explorerMatch1.7.2

hitachienergyitt600_sa_explorerMatch1.8.0

hitachienergyitt600_sa_explorerMatch2.0.1

hitachienergyitt600_sa_explorerMatch2.0.2

hitachienergyitt600_sa_explorerMatch2.0.3

hitachienergyitt600_sa_explorerMatch2.0.4.1

hitachienergyitt600_sa_explorerMatch2.0.5.0

hitachienergyitt600_sa_explorerMatch2.0.5.4

hitachienergyitt600_sa_explorerMatch2.1.0.4

hitachienergyitt600_sa_explorerMatch2.1.0.5

Node

hitachienergyrelion_sam600-io_firmwareMatch2.2.1

hitachienergyrelion_sam600-io_firmwareMatch2.2.5

AND

hitachienergyrelion_sam600-ioMatch-

Node

hitachienergyrelion_650_firmwareMatch1.1

hitachienergyrelion_650_firmwareMatch1.3

hitachienergyrelion_650_firmwareMatch2.1

hitachienergyrelion_650_firmwareMatch2.2.0

hitachienergyrelion_650_firmwareMatch2.2.1

hitachienergyrelion_650_firmwareMatch2.2.2

hitachienergyrelion_650_firmwareMatch2.2.3

hitachienergyrelion_650_firmwareMatch2.2.4

hitachienergyrelion_650_firmwareMatch2.2.5

AND

hitachienergyrelion_650Match-

Node

hitachienergyrelion_670_firmwareMatch1.2

hitachienergyrelion_670_firmwareMatch2.0

hitachienergyrelion_670_firmwareMatch2.1

hitachienergyrelion_670_firmwareMatch2.2.0

hitachienergyrelion_670_firmwareMatch2.2.1

hitachienergyrelion_670_firmwareMatch2.2.2

hitachienergyrelion_670_firmwareMatch2.2.3

hitachienergyrelion_670_firmwareMatch2.2.4

hitachienergyrelion_670_firmwareMatch2.2.5

AND

hitachienergyrelion_670Match-

Node

hitachienergygms600_firmwareMatch1.3.0

AND

hitachienergygms600Match-

Node

hitachienergyfox615_tego1_firmwareMatchr1b02

hitachienergyfox615_tego1_firmwareMatchr1c07

hitachienergyfox615_tego1_firmwareMatchr1d02

hitachienergyfox615_tego1_firmwareMatchr1e01

hitachienergyfox615_tego1_firmwareMatchr2b16

hitachienergyfox615_tego1_firmwareMatchr2b16_03

hitachienergyfox615_tego1_firmwareMatchr15b08

AND

hitachienergyfox615_tego1Match-

Node

hitachienergytxpert_hub_coretec_4_firmwareRange2.0.0–3.0.0

AND

hitachienergytxpert_hub_coretec_4Match-

Node

hitachienergytxpert_hub_coretec_5_firmwareMatch3.0.0

AND

hitachienergytxpert_hub_coretec_5Match-

References

search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch

search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for NVD:CVE-2022-3353

cvelist1 nessus1 ics1 cve1 prion1