Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for reb500_firmware by hitachienergy

    CVE-2026-2460 (GCVE-0-2026-2460)

    Vulnerability from nvd – Published: 2026-02-24 13:24 – Updated: 2026-02-28 02:23
    VLAI
    Summary
    A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-267 - Privilege Defined with Unsafe Actions
    Assigner
    Impacted products
    Vendor Product Version
    Hitachi Energy Relion REB500 Affected: 8.0.0.0 , ≤ 8.3.3.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2460",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-28T02:23:01.866036Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-28T02:23:18.377Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Relion REB500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThanOrEqual": "8.3.3.0",
                  "status": "affected",
                  "version": "8.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-267",
                  "description": "CWE-267 Privilege Defined with Unsafe Actions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T13:43:35.340Z",
            "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
            "shortName": "Hitachi Energy"
          },
          "references": [
            {
              "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000217\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "assignerShortName": "Hitachi Energy",
        "cveId": "CVE-2026-2460",
        "datePublished": "2026-02-24T13:24:34.836Z",
        "dateReserved": "2026-02-13T11:08:27.300Z",
        "dateUpdated": "2026-02-28T02:23:18.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2459 (GCVE-0-2026-2459)

    Vulnerability from nvd – Published: 2026-02-24 13:21 – Updated: 2026-02-28 02:22
    VLAI
    Summary
    A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-267 - Privilege Defined with Unsafe Actions
    Assigner
    Impacted products
    Vendor Product Version
    Hitachi Energy Relion REB500 Affected: 8.0.0.0 , ≤ 8.3.3.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2459",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-28T02:21:26.119358Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-28T02:22:21.519Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Relion REB500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThanOrEqual": "8.3.3.0",
                  "status": "affected",
                  "version": "8.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-267",
                  "description": "CWE-267 Privilege Defined with Unsafe Actions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T13:42:34.978Z",
            "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
            "shortName": "Hitachi Energy"
          },
          "references": [
            {
              "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000217\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "assignerShortName": "Hitachi Energy",
        "cveId": "CVE-2026-2459",
        "datePublished": "2026-02-24T13:21:42.470Z",
        "dateReserved": "2026-02-13T11:08:24.044Z",
        "dateUpdated": "2026-02-28T02:22:21.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-3353 (GCVE-0-2022-3353)

    Vulnerability from nvd – Published: 2023-02-21 13:50 – Updated: 2025-03-12 15:17
    VLAI
    Title
    IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products
    Summary
    A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.  An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.  Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-404 - Improper Resource Shutdown or Release
    Assigner
    Impacted products
    Vendor Product Version
    Hitachi Energy FOX61x TEGO1 Unaffected: tego1_r16a11
    Affected: tego1_r15b08
    Affected: tego1_r2a16_03
    Affected: tego1_r2a16
    Affected: tego1_r1e01
    Affected: tego1_r1d02
    Affected: tego1_r1c07
    Affected: tego1_r1b02
    Create a notification for this product.
    Hitachi Energy GMS600 Affected: GMS600 1.3
    Create a notification for this product.
    Hitachi Energy ITT600 SA Explorer Affected: ITT600 SA Explorer 1.1.0
    Affected: ITT600 SA Explorer 1.1.1
    Affected: ITT600 SA Explorer 1.1.2
    Affected: ITT600 SA Explorer 1.5.0
    Affected: ITT600 SA Explorer 1.5.1
    Affected: ITT600 SA Explorer 1.6.0
    Affected: ITT600 SA Explorer 1.6.0.1
    Affected: ITT600 SA Explorer 1.7.0
    Affected: ITT600 SA Explorer 1.7.2
    Affected: ITT600 SA Explorer 1.8.0
    Affected: ITT600 SA Explorer 2.0.1
    Affected: ITT600 SA Explorer 2.0.2
    Affected: ITT600 SA Explorer 2.0.3
    Affected: ITT600 SA Explorer 2.0.4.1
    Affected: ITT600 SA Explorer 2.0.5.0
    Affected: ITT600 SA Explorer 2.0.5.4
    Affected: ITT600 SA Explorer 2.1.0.4
    Affected: ITT600 SA Explorer 2.1.0.5
    Unaffected: ITT600 SA Explorer 2.1.1.2
    Create a notification for this product.
    Hitachi Energy MicroSCADA X SYS600 Affected: SYS600 10
    Affected: SYS600 10.1
    Affected: SYS600 10.1.1
    Affected: SYS600 10.2
    Affected: SYS600 10.2.1
    Affected: SYS600 10.3
    Affected: SYS600 10.3.1
    Affected: SYS600 10.4
    Unaffected: SYS600 10.4.1
    Create a notification for this product.
    Hitachi Energy MSM Affected: MSM 2.2.3;0
    Create a notification for this product.
    Hitachi Energy PWC600 Affected: PWC600 1.0
    Affected: PWC600 1.1
    Affected: PWC600 1.2
    Create a notification for this product.
    Hitachi Energy REB500 Affected: REB500 7.0 , < 7.* (7.*)
    Affected: REB500 8.0 , < 8.* (8.*)
    Unaffected: REB500 8.3.3.0
    Create a notification for this product.
    Hitachi Energy Relion® 670 Affected: Relion 670 1.2
    Affected: Relion 670 2.0
    Affected: Relion 670 version 2.1
    Affected: Relion 670 2.2.0
    Affected: Relion 670 2.2.1
    Affected: Relion 670 2.2.2
    Affected: Relion 670 2.2.3
    Affected: Relion 670 2.2.4
    Affected: Relion 670 2.2.5
    Create a notification for this product.
    Hitachi Energy Relion® 650 Affected: Relion 650 1.1
    Affected: Relion 650 1.3
    Affected: Relion 650 2.1
    Affected: Relion 650 2.2.0
    Affected: Relion 650 2.2.1
    Affected: Relion 650 2.2.2
    Affected: Relion 650 2.2.3
    Affected: Relion 650 2.2.4
    Affected: Relion 650 2.2.5
    Create a notification for this product.
    Hitachi Energy SAM600-IO Affected: Relion SAM600-IO 2.2.1
    Affected: Relion SAM600-IO 2.2.5
    Create a notification for this product.
    Hitachi Energy RTU500 Affected: RTU500 12.0.1 , ≤ 12.0.14 (12.0.14)
    Unaffected: RTU500 12.0.15
    Affected: RTU500 12.2.1 , ≤ 12.2.11 (12.2.11)
    Unaffected: RTU500 12.2.12
    Affected: RTU500 12.4.1 , ≤ 12.4.11 (12.4.11)
    Unaffected: RTU500 12.4.12
    Affected: RTU500 12.6.1 , ≤ 12.6.8 (12.6.8)
    Unaffected: RTU500 12.6.9
    Affected: RTU500 12.7.1 , ≤ 12.7.4 (12.7.4)
    Unaffected: RTU500 12.7.5
    Affected: RTU500 13.2.1 , ≤ 13.2.5 (13.2.5)
    Unaffected: RTU500 13.2.6
    Affected: RTU500 13.3.1 , ≤ 13.3.3 (13.3.3)
    Unaffected: RTU500 13.3.4
    Affected: RTU500 13.4.1
    Unaffected: RTU500 13.4.2
    Create a notification for this product.
    Hitachi Energy TXpert Hub CoreTec 4 Affected: CoreTec 4 version 2.0.*
    Affected: CoreTec 4 version 2.1.*
    Affected: CoreTec 4 version 2.2.*
    Affected: CoreTec 4 version 2.3.*
    Affected: CoreTec 4 version 2.4.*
    Affected: CoreTec 4 version 3.0.*
    Create a notification for this product.
    Hitachi Energy TXpert Hub CoreTec 5 Affected: CoreTec 5 version 3.0.*
    Create a notification for this product.
    Date Public
    2023-02-14 13:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:07:06.451Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-12T15:16:44.962103Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T15:17:11.275Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FOX61x TEGO1",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "tego1_r16a11"
                },
                {
                  "status": "affected",
                  "version": "tego1_r15b08"
                },
                {
                  "status": "affected",
                  "version": "tego1_r2a16_03"
                },
                {
                  "status": "affected",
                  "version": "tego1_r2a16"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1e01"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1d02"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1c07"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1b02"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "GMS600",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "GMS600 1.3"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ITT600 SA Explorer",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.1.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.1.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.1.2"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.5.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.5.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.6.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.6.0.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.7.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.7.2"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.8.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.2"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.3"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.4.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.5.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.5.4"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.1.0.4"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.1.0.5"
                },
                {
                  "status": "unaffected",
                  "version": "ITT600 SA Explorer 2.1.1.2"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MicroSCADA X SYS600",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "SYS600 10"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.1.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.2"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.2.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.3"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.3.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.4"
                },
                {
                  "status": "unaffected",
                  "version": "SYS600 10.4.1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MSM",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "MSM 2.2.3;0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "PWC600",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "PWC600 1.0"
                },
                {
                  "status": "affected",
                  "version": "PWC600 1.1"
                },
                {
                  "status": "affected",
                  "version": "PWC600 1.2"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "REB500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThan": "7.*",
                  "status": "affected",
                  "version": "REB500 7.0",
                  "versionType": "7.*"
                },
                {
                  "lessThan": "8.*",
                  "status": "affected",
                  "version": "REB500 8.0",
                  "versionType": "8.*"
                },
                {
                  "status": "unaffected",
                  "version": "REB500 8.3.3.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Relion\u00ae 670",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "Relion 670 1.2"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.0"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 version 2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.0"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.2"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.3"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.4"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.5"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Relion\u00ae 650",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "Relion 650 1.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 1.3"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.0"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.2"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.3"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.4"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.5"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "SAM600-IO",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "Relion SAM600-IO 2.2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion SAM600-IO 2.2.5"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "RTU500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.14",
                  "status": "affected",
                  "version": "RTU500 12.0.1",
                  "versionType": "12.0.14"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.0.15"
                },
                {
                  "lessThanOrEqual": "12.2.11",
                  "status": "affected",
                  "version": "RTU500 12.2.1",
                  "versionType": "12.2.11"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.2.12"
                },
                {
                  "lessThanOrEqual": "12.4.11",
                  "status": "affected",
                  "version": "RTU500 12.4.1",
                  "versionType": "12.4.11"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.4.12"
                },
                {
                  "lessThanOrEqual": "12.6.8",
                  "status": "affected",
                  "version": "RTU500 12.6.1",
                  "versionType": "12.6.8"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.6.9"
                },
                {
                  "lessThanOrEqual": "12.7.4",
                  "status": "affected",
                  "version": "RTU500 12.7.1",
                  "versionType": "12.7.4"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.7.5"
                },
                {
                  "lessThanOrEqual": "13.2.5",
                  "status": "affected",
                  "version": "RTU500 13.2.1",
                  "versionType": "13.2.5"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 13.2.6"
                },
                {
                  "lessThanOrEqual": "13.3.3",
                  "status": "affected",
                  "version": "RTU500 13.3.1",
                  "versionType": "13.3.3"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 13.3.4"
                },
                {
                  "status": "affected",
                  "version": "RTU500 13.4.1"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 13.4.2"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TXpert Hub CoreTec 4",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.0.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.1.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.2.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.3.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.4.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 3.0.*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TXpert Hub CoreTec 5",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "CoreTec 5 version 3.0.*"
                }
              ]
            }
          ],
          "datePublic": "2023-02-14T13:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\n\n\u003cdiv\u003e\u003cp\u003eA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAlready existing/established client-server connections are not affected.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eList of affected CPEs:\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "\n\n\nA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u00a0\n\nAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u00a0\n\n\n\n\nAlready existing/established client-server connections are not affected.\n\n\n\n\n\nList of affected CPEs:\n\n\n\n\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\n\n\n\n\n\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Improper Resource Shutdown or Release",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-21T14:09:25.358Z",
            "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
            "shortName": "Hitachi Energy"
          },
          "references": [
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nUpgrade the system once remediated version is available.\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "\nUpgrade the system once remediated version is available.\n\n\n\n"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "IEC 61850 MMS-Server Vulnerability in  multiple Hitachi Energy Products",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\u003cbr\u003e"
                }
              ],
              "value": "\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "assignerShortName": "Hitachi Energy",
        "cveId": "CVE-2022-3353",
        "datePublished": "2023-02-21T13:50:46.145Z",
        "dateReserved": "2022-09-28T12:22:08.645Z",
        "dateUpdated": "2025-03-12T15:17:11.275Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-27196 (GCVE-0-2021-27196)

    Vulnerability from nvd – Published: 2021-06-14 21:20 – Updated: 2024-09-17 03:17
    VLAI
    Title
    Specially Crafted IEC 61850 Protocol Sequence Vulnerability
    Summary
    Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.
    CWE
    • n/a
    Assigner
    Date Public
    2021-03-15 00:00
    Credits
    Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:40:47.477Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH"
            }
          ],
          "datePublic": "2021-03-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-14T21:20:38.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Refer to the cybersecurity advisories at https://www.hitachiabb-powergrids.com/offering/solutions/cybersecurity/alerts-and-notifications"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Specially Crafted IEC 61850 Protocol Sequence Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2021-03-15T11:00:00.000Z",
              "ID": "CVE-2021-27196",
              "STATE": "PUBLIC",
              "TITLE": "Specially Crafted IEC 61850 Protocol Sequence Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Refer to the cybersecurity advisories at https://www.hitachiabb-powergrids.com/offering/solutions/cybersecurity/alerts-and-notifications"
              },
              {
                "lang": "en"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-27196",
        "datePublished": "2021-06-14T21:20:38.696Z",
        "dateReserved": "2021-02-12T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:17:31.626Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-2460 (GCVE-0-2026-2460)

    Vulnerability from cvelistv5 – Published: 2026-02-24 13:24 – Updated: 2026-02-28 02:23
    VLAI
    Summary
    A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-267 - Privilege Defined with Unsafe Actions
    Assigner
    Impacted products
    Vendor Product Version
    Hitachi Energy Relion REB500 Affected: 8.0.0.0 , ≤ 8.3.3.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2460",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-28T02:23:01.866036Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-28T02:23:18.377Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Relion REB500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThanOrEqual": "8.3.3.0",
                  "status": "affected",
                  "version": "8.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-267",
                  "description": "CWE-267 Privilege Defined with Unsafe Actions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T13:43:35.340Z",
            "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
            "shortName": "Hitachi Energy"
          },
          "references": [
            {
              "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000217\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "assignerShortName": "Hitachi Energy",
        "cveId": "CVE-2026-2460",
        "datePublished": "2026-02-24T13:24:34.836Z",
        "dateReserved": "2026-02-13T11:08:27.300Z",
        "dateUpdated": "2026-02-28T02:23:18.377Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2459 (GCVE-0-2026-2459)

    Vulnerability from cvelistv5 – Published: 2026-02-24 13:21 – Updated: 2026-02-28 02:22
    VLAI
    Summary
    A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-267 - Privilege Defined with Unsafe Actions
    Assigner
    Impacted products
    Vendor Product Version
    Hitachi Energy Relion REB500 Affected: 8.0.0.0 , ≤ 8.3.3.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2459",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-28T02:21:26.119358Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-28T02:22:21.519Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Relion REB500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThanOrEqual": "8.3.3.0",
                  "status": "affected",
                  "version": "8.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-165",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-165 File Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-267",
                  "description": "CWE-267 Privilege Defined with Unsafe Actions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T13:42:34.978Z",
            "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
            "shortName": "Hitachi Energy"
          },
          "references": [
            {
              "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000217\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "assignerShortName": "Hitachi Energy",
        "cveId": "CVE-2026-2459",
        "datePublished": "2026-02-24T13:21:42.470Z",
        "dateReserved": "2026-02-13T11:08:24.044Z",
        "dateUpdated": "2026-02-28T02:22:21.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-3353 (GCVE-0-2022-3353)

    Vulnerability from cvelistv5 – Published: 2023-02-21 13:50 – Updated: 2025-03-12 15:17
    VLAI
    Title
    IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products
    Summary
    A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.  An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.  Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-404 - Improper Resource Shutdown or Release
    Assigner
    Impacted products
    Vendor Product Version
    Hitachi Energy FOX61x TEGO1 Unaffected: tego1_r16a11
    Affected: tego1_r15b08
    Affected: tego1_r2a16_03
    Affected: tego1_r2a16
    Affected: tego1_r1e01
    Affected: tego1_r1d02
    Affected: tego1_r1c07
    Affected: tego1_r1b02
    Create a notification for this product.
    Hitachi Energy GMS600 Affected: GMS600 1.3
    Create a notification for this product.
    Hitachi Energy ITT600 SA Explorer Affected: ITT600 SA Explorer 1.1.0
    Affected: ITT600 SA Explorer 1.1.1
    Affected: ITT600 SA Explorer 1.1.2
    Affected: ITT600 SA Explorer 1.5.0
    Affected: ITT600 SA Explorer 1.5.1
    Affected: ITT600 SA Explorer 1.6.0
    Affected: ITT600 SA Explorer 1.6.0.1
    Affected: ITT600 SA Explorer 1.7.0
    Affected: ITT600 SA Explorer 1.7.2
    Affected: ITT600 SA Explorer 1.8.0
    Affected: ITT600 SA Explorer 2.0.1
    Affected: ITT600 SA Explorer 2.0.2
    Affected: ITT600 SA Explorer 2.0.3
    Affected: ITT600 SA Explorer 2.0.4.1
    Affected: ITT600 SA Explorer 2.0.5.0
    Affected: ITT600 SA Explorer 2.0.5.4
    Affected: ITT600 SA Explorer 2.1.0.4
    Affected: ITT600 SA Explorer 2.1.0.5
    Unaffected: ITT600 SA Explorer 2.1.1.2
    Create a notification for this product.
    Hitachi Energy MicroSCADA X SYS600 Affected: SYS600 10
    Affected: SYS600 10.1
    Affected: SYS600 10.1.1
    Affected: SYS600 10.2
    Affected: SYS600 10.2.1
    Affected: SYS600 10.3
    Affected: SYS600 10.3.1
    Affected: SYS600 10.4
    Unaffected: SYS600 10.4.1
    Create a notification for this product.
    Hitachi Energy MSM Affected: MSM 2.2.3;0
    Create a notification for this product.
    Hitachi Energy PWC600 Affected: PWC600 1.0
    Affected: PWC600 1.1
    Affected: PWC600 1.2
    Create a notification for this product.
    Hitachi Energy REB500 Affected: REB500 7.0 , < 7.* (7.*)
    Affected: REB500 8.0 , < 8.* (8.*)
    Unaffected: REB500 8.3.3.0
    Create a notification for this product.
    Hitachi Energy Relion® 670 Affected: Relion 670 1.2
    Affected: Relion 670 2.0
    Affected: Relion 670 version 2.1
    Affected: Relion 670 2.2.0
    Affected: Relion 670 2.2.1
    Affected: Relion 670 2.2.2
    Affected: Relion 670 2.2.3
    Affected: Relion 670 2.2.4
    Affected: Relion 670 2.2.5
    Create a notification for this product.
    Hitachi Energy Relion® 650 Affected: Relion 650 1.1
    Affected: Relion 650 1.3
    Affected: Relion 650 2.1
    Affected: Relion 650 2.2.0
    Affected: Relion 650 2.2.1
    Affected: Relion 650 2.2.2
    Affected: Relion 650 2.2.3
    Affected: Relion 650 2.2.4
    Affected: Relion 650 2.2.5
    Create a notification for this product.
    Hitachi Energy SAM600-IO Affected: Relion SAM600-IO 2.2.1
    Affected: Relion SAM600-IO 2.2.5
    Create a notification for this product.
    Hitachi Energy RTU500 Affected: RTU500 12.0.1 , ≤ 12.0.14 (12.0.14)
    Unaffected: RTU500 12.0.15
    Affected: RTU500 12.2.1 , ≤ 12.2.11 (12.2.11)
    Unaffected: RTU500 12.2.12
    Affected: RTU500 12.4.1 , ≤ 12.4.11 (12.4.11)
    Unaffected: RTU500 12.4.12
    Affected: RTU500 12.6.1 , ≤ 12.6.8 (12.6.8)
    Unaffected: RTU500 12.6.9
    Affected: RTU500 12.7.1 , ≤ 12.7.4 (12.7.4)
    Unaffected: RTU500 12.7.5
    Affected: RTU500 13.2.1 , ≤ 13.2.5 (13.2.5)
    Unaffected: RTU500 13.2.6
    Affected: RTU500 13.3.1 , ≤ 13.3.3 (13.3.3)
    Unaffected: RTU500 13.3.4
    Affected: RTU500 13.4.1
    Unaffected: RTU500 13.4.2
    Create a notification for this product.
    Hitachi Energy TXpert Hub CoreTec 4 Affected: CoreTec 4 version 2.0.*
    Affected: CoreTec 4 version 2.1.*
    Affected: CoreTec 4 version 2.2.*
    Affected: CoreTec 4 version 2.3.*
    Affected: CoreTec 4 version 2.4.*
    Affected: CoreTec 4 version 3.0.*
    Create a notification for this product.
    Hitachi Energy TXpert Hub CoreTec 5 Affected: CoreTec 5 version 3.0.*
    Create a notification for this product.
    Date Public
    2023-02-14 13:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:07:06.451Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-12T15:16:44.962103Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T15:17:11.275Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FOX61x TEGO1",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "tego1_r16a11"
                },
                {
                  "status": "affected",
                  "version": "tego1_r15b08"
                },
                {
                  "status": "affected",
                  "version": "tego1_r2a16_03"
                },
                {
                  "status": "affected",
                  "version": "tego1_r2a16"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1e01"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1d02"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1c07"
                },
                {
                  "status": "affected",
                  "version": "tego1_r1b02"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "GMS600",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "GMS600 1.3"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ITT600 SA Explorer",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.1.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.1.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.1.2"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.5.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.5.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.6.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.6.0.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.7.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.7.2"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 1.8.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.2"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.3"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.4.1"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.5.0"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.0.5.4"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.1.0.4"
                },
                {
                  "status": "affected",
                  "version": "ITT600 SA Explorer 2.1.0.5"
                },
                {
                  "status": "unaffected",
                  "version": "ITT600 SA Explorer 2.1.1.2"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MicroSCADA X SYS600",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "SYS600 10"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.1.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.2"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.2.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.3"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.3.1"
                },
                {
                  "status": "affected",
                  "version": "SYS600 10.4"
                },
                {
                  "status": "unaffected",
                  "version": "SYS600 10.4.1"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MSM",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "MSM 2.2.3;0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "PWC600",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "PWC600 1.0"
                },
                {
                  "status": "affected",
                  "version": "PWC600 1.1"
                },
                {
                  "status": "affected",
                  "version": "PWC600 1.2"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "REB500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThan": "7.*",
                  "status": "affected",
                  "version": "REB500 7.0",
                  "versionType": "7.*"
                },
                {
                  "lessThan": "8.*",
                  "status": "affected",
                  "version": "REB500 8.0",
                  "versionType": "8.*"
                },
                {
                  "status": "unaffected",
                  "version": "REB500 8.3.3.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Relion\u00ae 670",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "Relion 670 1.2"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.0"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 version 2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.0"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.2"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.3"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.4"
                },
                {
                  "status": "affected",
                  "version": "Relion 670 2.2.5"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Relion\u00ae 650",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "Relion 650 1.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 1.3"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.0"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.2"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.3"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.4"
                },
                {
                  "status": "affected",
                  "version": "Relion 650 2.2.5"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "SAM600-IO",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "Relion SAM600-IO 2.2.1"
                },
                {
                  "status": "affected",
                  "version": "Relion SAM600-IO 2.2.5"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "RTU500",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "lessThanOrEqual": "12.0.14",
                  "status": "affected",
                  "version": "RTU500 12.0.1",
                  "versionType": "12.0.14"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.0.15"
                },
                {
                  "lessThanOrEqual": "12.2.11",
                  "status": "affected",
                  "version": "RTU500 12.2.1",
                  "versionType": "12.2.11"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.2.12"
                },
                {
                  "lessThanOrEqual": "12.4.11",
                  "status": "affected",
                  "version": "RTU500 12.4.1",
                  "versionType": "12.4.11"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.4.12"
                },
                {
                  "lessThanOrEqual": "12.6.8",
                  "status": "affected",
                  "version": "RTU500 12.6.1",
                  "versionType": "12.6.8"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.6.9"
                },
                {
                  "lessThanOrEqual": "12.7.4",
                  "status": "affected",
                  "version": "RTU500 12.7.1",
                  "versionType": "12.7.4"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 12.7.5"
                },
                {
                  "lessThanOrEqual": "13.2.5",
                  "status": "affected",
                  "version": "RTU500 13.2.1",
                  "versionType": "13.2.5"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 13.2.6"
                },
                {
                  "lessThanOrEqual": "13.3.3",
                  "status": "affected",
                  "version": "RTU500 13.3.1",
                  "versionType": "13.3.3"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 13.3.4"
                },
                {
                  "status": "affected",
                  "version": "RTU500 13.4.1"
                },
                {
                  "status": "unaffected",
                  "version": "RTU500 13.4.2"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TXpert Hub CoreTec 4",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.0.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.1.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.2.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.3.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 2.4.*"
                },
                {
                  "status": "affected",
                  "version": "CoreTec 4 version 3.0.*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TXpert Hub CoreTec 5",
              "vendor": "Hitachi Energy",
              "versions": [
                {
                  "status": "affected",
                  "version": "CoreTec 5 version 3.0.*"
                }
              ]
            }
          ],
          "datePublic": "2023-02-14T13:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\n\n\u003cdiv\u003e\u003cp\u003eA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAlready existing/established client-server connections are not affected.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eList of affected CPEs:\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "\n\n\nA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u00a0\n\nAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u00a0\n\n\n\n\nAlready existing/established client-server connections are not affected.\n\n\n\n\n\nList of affected CPEs:\n\n\n\n\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\n\n\n\n\n\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Improper Resource Shutdown or Release",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-21T14:09:25.358Z",
            "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
            "shortName": "Hitachi Energy"
          },
          "references": [
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nUpgrade the system once remediated version is available.\n\n\n\u003cbr\u003e"
                }
              ],
              "value": "\nUpgrade the system once remediated version is available.\n\n\n\n"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "IEC 61850 MMS-Server Vulnerability in  multiple Hitachi Energy Products",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\u003cbr\u003e"
                }
              ],
              "value": "\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\n"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "assignerShortName": "Hitachi Energy",
        "cveId": "CVE-2022-3353",
        "datePublished": "2023-02-21T13:50:46.145Z",
        "dateReserved": "2022-09-28T12:22:08.645Z",
        "dateUpdated": "2025-03-12T15:17:11.275Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-27196 (GCVE-0-2021-27196)

    Vulnerability from cvelistv5 – Published: 2021-06-14 21:20 – Updated: 2024-09-17 03:17
    VLAI
    Title
    Specially Crafted IEC 61850 Protocol Sequence Vulnerability
    Summary
    Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.
    CWE
    • n/a
    Assigner
    Date Public
    2021-03-15 00:00
    Credits
    Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:40:47.477Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH"
            }
          ],
          "datePublic": "2021-03-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-14T21:20:38.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Refer to the cybersecurity advisories at https://www.hitachiabb-powergrids.com/offering/solutions/cybersecurity/alerts-and-notifications"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Specially Crafted IEC 61850 Protocol Sequence Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2021-03-15T11:00:00.000Z",
              "ID": "CVE-2021-27196",
              "STATE": "PUBLIC",
              "TITLE": "Specially Crafted IEC 61850 Protocol Sequence Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Hitachi ABB Power Grids thanks the following for working with us to help protect customers: Markus Mahrla, GAI NetConsult GmbH and Lars Lengersdorf, Amprion GmbH"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8932\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8936\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8934\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8937\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9057\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                },
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
                  "refsource": "CONFIRM",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A9059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Refer to the cybersecurity advisories at https://www.hitachiabb-powergrids.com/offering/solutions/cybersecurity/alerts-and-notifications"
              },
              {
                "lang": "en"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-27196",
        "datePublished": "2021-06-14T21:20:38.696Z",
        "dateReserved": "2021-02-12T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:17:31.626Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }