Vulnerability-Lookup

GHSA-R27W-HFM7-9MC2

Vulnerability from github – Published: 2023-02-21 15:30 – Updated: 2023-03-21 18:30

Details

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08::::::: * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3::::::: * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16::::::: * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01::::::: * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02::::::: * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07::::::: * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02::::::: * cpe:2.3:a:hitachienergy:gms600:1.3.0::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1::::::: * cpe:2.3:a:hitachienergy:mms:2.2.3::::::: * cpe:2.3:a:hitachienergy:pwc600:1.0::::::: * cpe:2.3:a:hitachienergy:pwc600:1.1::::::: * cpe:2.3:a:hitachienergy:pwc600:1.2::::::: * cpe:2.3:o:hitachienergy:reb500:7:::::::: * cpe:2.3:o:hitachienergy:reb500:8::::::: * cpe:2.3:o:hitachienergy:relion670:1.2.::::::: * cpe:2.3:o:hitachienergy:relion670:2.0.::::::: * cpe:2.3:o:hitachienergy:relion650:1.1.::::::: * cpe:2.3:o:hitachienergy:relion650:1.3.::::::: * cpe:2.3:o:hitachienergy:relion650:2.1.::::::: * cpe:2.3:o:hitachienergy:relion670:2.1.::::::: * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1::::::: * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5::::::: * cpe:2.3:o:hitachienergy:relion670:2.2.::::::: * cpe:2.3:o:hitachienergy:relion650:2.2.::::::: * cpe:2.3:o:hitachienergy:rtu500cmu:12..::::::: * cpe:2.3:a:hitachienergy:rtu500cmu:13..::::::: * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.::::::: * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0::::::: * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-3353"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-404"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-21T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*",
  "id": "GHSA-r27w-hfm7-9mc2",
  "modified": "2023-03-21T18:30:20Z",
  "published": "2023-02-21T15:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3353"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-3353 (GCVE-0-2022-3353)

Vulnerability from cvelistv5 – Published: 2023-02-21 13:50 – Updated: 2025-03-12 15:17

Title

IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products

Summary

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-404 - Improper Resource Shutdown or Release

Assigner

Hitachi Energy

References

URL

Tags

	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…
	https://search.abb.com/library/Download.aspx?Docu…

Impacted products

Vendor

Product

Version

Hitachi Energy

FOX61x TEGO1

Unaffected: tego1_r16a11
Affected: tego1_r15b08
Affected: tego1_r2a16_03
Affected: tego1_r2a16
Affected: tego1_r1e01
Affected: tego1_r1d02
Affected: tego1_r1c07
Affected: tego1_r1b02

Hitachi Energy	GMS600	Affected: GMS600 1.3
Hitachi Energy	ITT600 SA Explorer	Affected: ITT600 SA Explorer 1.1.0 Affected: ITT600 SA Explorer 1.1.1 Affected: ITT600 SA Explorer 1.1.2 Affected: ITT600 SA Explorer 1.5.0 Affected: ITT600 SA Explorer 1.5.1 Affected: ITT600 SA Explorer 1.6.0 Affected: ITT600 SA Explorer 1.6.0.1 Affected: ITT600 SA Explorer 1.7.0 Affected: ITT600 SA Explorer 1.7.2 Affected: ITT600 SA Explorer 1.8.0 Affected: ITT600 SA Explorer 2.0.1 Affected: ITT600 SA Explorer 2.0.2 Affected: ITT600 SA Explorer 2.0.3 Affected: ITT600 SA Explorer 2.0.4.1 Affected: ITT600 SA Explorer 2.0.5.0 Affected: ITT600 SA Explorer 2.0.5.4 Affected: ITT600 SA Explorer 2.1.0.4 Affected: ITT600 SA Explorer 2.1.0.5 Unaffected: ITT600 SA Explorer 2.1.1.2
Hitachi Energy	MicroSCADA X SYS600	Affected: SYS600 10 Affected: SYS600 10.1 Affected: SYS600 10.1.1 Affected: SYS600 10.2 Affected: SYS600 10.2.1 Affected: SYS600 10.3 Affected: SYS600 10.3.1 Affected: SYS600 10.4 Unaffected: SYS600 10.4.1
Hitachi Energy	MSM	Affected: MSM 2.2.3;0
Hitachi Energy	PWC600	Affected: PWC600 1.0 Affected: PWC600 1.1 Affected: PWC600 1.2
Hitachi Energy	REB500	Affected: REB500 7.0 , < 7.* (7.) Affected:* REB500 8.0 , < 8.* (8.) Unaffected:* REB500 8.3.3.0
Hitachi Energy	Relion® 670	Affected: Relion 670 1.2 Affected: Relion 670 2.0 Affected: Relion 670 version 2.1 Affected: Relion 670 2.2.0 Affected: Relion 670 2.2.1 Affected: Relion 670 2.2.2 Affected: Relion 670 2.2.3 Affected: Relion 670 2.2.4 Affected: Relion 670 2.2.5
Hitachi Energy	Relion® 650	Affected: Relion 650 1.1 Affected: Relion 650 1.3 Affected: Relion 650 2.1 Affected: Relion 650 2.2.0 Affected: Relion 650 2.2.1 Affected: Relion 650 2.2.2 Affected: Relion 650 2.2.3 Affected: Relion 650 2.2.4 Affected: Relion 650 2.2.5
Hitachi Energy	SAM600-IO	Affected: Relion SAM600-IO 2.2.1 Affected: Relion SAM600-IO 2.2.5
Hitachi Energy	RTU500	Affected: RTU500 12.0.1 , ≤ 12.0.14 (12.0.14) Unaffected: RTU500 12.0.15 Affected: RTU500 12.2.1 , ≤ 12.2.11 (12.2.11) Unaffected: RTU500 12.2.12 Affected: RTU500 12.4.1 , ≤ 12.4.11 (12.4.11) Unaffected: RTU500 12.4.12 Affected: RTU500 12.6.1 , ≤ 12.6.8 (12.6.8) Unaffected: RTU500 12.6.9 Affected: RTU500 12.7.1 , ≤ 12.7.4 (12.7.4) Unaffected: RTU500 12.7.5 Affected: RTU500 13.2.1 , ≤ 13.2.5 (13.2.5) Unaffected: RTU500 13.2.6 Affected: RTU500 13.3.1 , ≤ 13.3.3 (13.3.3) Unaffected: RTU500 13.3.4 Affected: RTU500 13.4.1 Unaffected: RTU500 13.4.2
Hitachi Energy	TXpert Hub CoreTec 4	Affected: CoreTec 4 version 2.0.* Affected: CoreTec 4 version 2.1.* Affected: CoreTec 4 version 2.2.* Affected: CoreTec 4 version 2.3.* Affected: CoreTec 4 version 2.4.* Affected: CoreTec 4 version 3.0.*
Hitachi Energy	TXpert Hub CoreTec 5	Affected: CoreTec 5 version 3.0.*

Date Public ?

2023-02-14 13:30

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:07:06.451Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-3353",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-12T15:16:44.962103Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-12T15:17:11.275Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FOX61x TEGO1",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "unaffected",
              "version": "tego1_r16a11"
            },
            {
              "status": "affected",
              "version": "tego1_r15b08"
            },
            {
              "status": "affected",
              "version": "tego1_r2a16_03"
            },
            {
              "status": "affected",
              "version": "tego1_r2a16"
            },
            {
              "status": "affected",
              "version": "tego1_r1e01"
            },
            {
              "status": "affected",
              "version": "tego1_r1d02"
            },
            {
              "status": "affected",
              "version": "tego1_r1c07"
            },
            {
              "status": "affected",
              "version": "tego1_r1b02"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GMS600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "GMS600 1.3"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ITT600 SA Explorer",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.1.0"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.1.1"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.1.2"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.5.0"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.5.1"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.6.0"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.6.0.1"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.7.0"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.7.2"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 1.8.0"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.0.1"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.0.2"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.0.3"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.0.4.1"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.0.5.0"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.0.5.4"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.1.0.4"
            },
            {
              "status": "affected",
              "version": "ITT600 SA Explorer 2.1.0.5"
            },
            {
              "status": "unaffected",
              "version": "ITT600 SA Explorer 2.1.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MicroSCADA X SYS600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "SYS600 10"
            },
            {
              "status": "affected",
              "version": "SYS600 10.1"
            },
            {
              "status": "affected",
              "version": "SYS600 10.1.1"
            },
            {
              "status": "affected",
              "version": "SYS600 10.2"
            },
            {
              "status": "affected",
              "version": "SYS600 10.2.1"
            },
            {
              "status": "affected",
              "version": "SYS600 10.3"
            },
            {
              "status": "affected",
              "version": "SYS600 10.3.1"
            },
            {
              "status": "affected",
              "version": "SYS600 10.4"
            },
            {
              "status": "unaffected",
              "version": "SYS600 10.4.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MSM",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "MSM 2.2.3;0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PWC600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "PWC600 1.0"
            },
            {
              "status": "affected",
              "version": "PWC600 1.1"
            },
            {
              "status": "affected",
              "version": "PWC600 1.2"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "REB500",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThan": "7.*",
              "status": "affected",
              "version": "REB500 7.0",
              "versionType": "7.*"
            },
            {
              "lessThan": "8.*",
              "status": "affected",
              "version": "REB500 8.0",
              "versionType": "8.*"
            },
            {
              "status": "unaffected",
              "version": "REB500 8.3.3.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Relion\u00ae 670",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "Relion 670 1.2"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.0"
            },
            {
              "status": "affected",
              "version": "Relion 670 version 2.1"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.2.0"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.2.1"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.2.2"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.2.3"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.2.4"
            },
            {
              "status": "affected",
              "version": "Relion 670 2.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Relion\u00ae 650",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "Relion 650 1.1"
            },
            {
              "status": "affected",
              "version": "Relion 650 1.3"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.1"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.2.0"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.2.1"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.2.2"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.2.3"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.2.4"
            },
            {
              "status": "affected",
              "version": "Relion 650 2.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SAM600-IO",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "Relion SAM600-IO 2.2.1"
            },
            {
              "status": "affected",
              "version": "Relion SAM600-IO 2.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RTU500",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "12.0.14",
              "status": "affected",
              "version": "RTU500 12.0.1",
              "versionType": "12.0.14"
            },
            {
              "status": "unaffected",
              "version": "RTU500 12.0.15"
            },
            {
              "lessThanOrEqual": "12.2.11",
              "status": "affected",
              "version": "RTU500 12.2.1",
              "versionType": "12.2.11"
            },
            {
              "status": "unaffected",
              "version": "RTU500 12.2.12"
            },
            {
              "lessThanOrEqual": "12.4.11",
              "status": "affected",
              "version": "RTU500 12.4.1",
              "versionType": "12.4.11"
            },
            {
              "status": "unaffected",
              "version": "RTU500 12.4.12"
            },
            {
              "lessThanOrEqual": "12.6.8",
              "status": "affected",
              "version": "RTU500 12.6.1",
              "versionType": "12.6.8"
            },
            {
              "status": "unaffected",
              "version": "RTU500 12.6.9"
            },
            {
              "lessThanOrEqual": "12.7.4",
              "status": "affected",
              "version": "RTU500 12.7.1",
              "versionType": "12.7.4"
            },
            {
              "status": "unaffected",
              "version": "RTU500 12.7.5"
            },
            {
              "lessThanOrEqual": "13.2.5",
              "status": "affected",
              "version": "RTU500 13.2.1",
              "versionType": "13.2.5"
            },
            {
              "status": "unaffected",
              "version": "RTU500 13.2.6"
            },
            {
              "lessThanOrEqual": "13.3.3",
              "status": "affected",
              "version": "RTU500 13.3.1",
              "versionType": "13.3.3"
            },
            {
              "status": "unaffected",
              "version": "RTU500 13.3.4"
            },
            {
              "status": "affected",
              "version": "RTU500 13.4.1"
            },
            {
              "status": "unaffected",
              "version": "RTU500 13.4.2"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TXpert Hub CoreTec 4",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "CoreTec 4 version 2.0.*"
            },
            {
              "status": "affected",
              "version": "CoreTec 4 version 2.1.*"
            },
            {
              "status": "affected",
              "version": "CoreTec 4 version 2.2.*"
            },
            {
              "status": "affected",
              "version": "CoreTec 4 version 2.3.*"
            },
            {
              "status": "affected",
              "version": "CoreTec 4 version 2.4.*"
            },
            {
              "status": "affected",
              "version": "CoreTec 4 version 3.0.*"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TXpert Hub CoreTec 5",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "CoreTec 5 version 3.0.*"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T13:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\n\n\u003cdiv\u003e\u003cp\u003eA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAlready existing/established client-server connections are not affected.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eList of affected CPEs:\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e"
            }
          ],
          "value": "\n\n\nA vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.\u00a0\n\nAn attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.\u00a0\n\n\n\n\nAlready existing/established client-server connections are not affected.\n\n\n\n\n\nList of affected CPEs:\n\n\n\n\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*\n\n\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130 Excessive Allocation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404 Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-21T14:09:25.358Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nUpgrade the system once remediated version is available.\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nUpgrade the system once remediated version is available.\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "IEC 61850 MMS-Server Vulnerability in  multiple Hitachi Energy Products",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nRecommended security practices and firewall configurations can help protect a process control network from \nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and \nare separated from other networks by means of a firewall system that has a minimal number of ports exposed, \nand others that have to be evaluated case by case. Process control systems should not be used for Internet \nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be \ncarefully scanned for viruses before they are connected to a control system.\n\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2022-3353",
    "datePublished": "2023-02-21T13:50:46.145Z",
    "dateReserved": "2022-09-28T12:22:08.645Z",
    "dateUpdated": "2025-03-12T15:17:11.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-R27W-HFM7-9MC2

CVE-2022-3353 (GCVE-0-2022-3353)

Tags

Sightings

Nomenclature