Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.
Una vulnerabilidad de comprobación inapropiada de la entrada en Hitachi ABB Power Grids Relion 670, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600, permite a un atacante con acceso a la red IEC 61850 que conozca cómo reproducir el ataque, así como las direcciones IP de los diferentes puntos de acceso IEC 61850 (de los IED/productos), pueda forzar el reinicio del dispositivo, lo que lo deja inoperativo durante aproximadamente 60 segundos. Esta vulnerabilidad afecta únicamente a los productos con interfaces IEC 61850. Este problema afecta a: Hitachi ABB Power Grids Relion 670 Series versiones 1.1; versiones 1.2.3 anteriores a 1.2.3.20; versiones 2.0 anteriores a 2.0.0.13; versiones 2.1; versiones 2.2.2 anteriores a 2.2.2.3; 2.2.3 anteriores a 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series versiones 2.2.0 anteriores a 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO versiones 2.2.1 anteriores a 2.2.1.6. Hitachi ABB Power Grids Relion 650 versiones 1.1; 1.2; versiones 1.3 anteriores a 1.3.0.7. Hitachi ABB Power Grids REB500 versiones 7.3; 7.4; versiones 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x versiones 7.x y versiones anteriores; versiones 8.x y versiones anteriores; versiones 9.x, 9.x y versiones anteriores; versiones 10.x .x y versiones anteriores; versiones 11.x y versiones anteriores; versiones 12.x y versiones anteriores. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 versiones R1D02 y anteriores. Hitachi ABB Power Grids MSM versiones 2.1.0 anteriores a 2.1.0. Hitachi ABB Power Grids GMS600 versiones 1.3.0, 1.3.0 y anteriores. Hitachi ABB Power Grids PWC600 versiones 1.0 anteriores a 1.0.1.4; versiones 1.1 anteriores a 1.1.0.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
AV:N/AC:L/Au:N/C:N/I:N/A:P
| Access Vector | NETWORK |
|---|---|
| Access Complexity | LOW |
| Authentication | NONE |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | PARTIAL |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-20
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| hitachienergy | relion_670_firmware | * | <built-in method update of dict object at 0x72a9a0123c40> | Operating System |
| hitachienergy | relion_670_firmware | * | <built-in method update of dict object at 0x72a9cc580b00> | Operating System |
| hitachienergy | relion_670_firmware | * | <built-in method update of dict object at 0x72a9b0922780> | Operating System |
| hitachienergy | relion_670_firmware | * | <built-in method update of dict object at 0x72a9b0921c00> | Operating System |
| hitachienergy | relion_670_firmware | * | <built-in method update of dict object at 0x72a99a765440> | Operating System |
| hitachienergy | relion_670_firmware | * | <built-in method update of dict object at 0x72a99a767ac0> | Operating System |
| hitachienergy | relion_670_firmware | 1.1 | <built-in method update of dict object at 0x72a9cce76680> | Operating System |
| hitachienergy | relion_670_firmware | 2.1 | <built-in method update of dict object at 0x72a9cd09cc40> | Operating System |
| hitachienergy | relion_650_firmware | * | <built-in method update of dict object at 0x72a9b0d8e9c0> | Operating System |
| hitachienergy | relion_650_firmware | * | <built-in method update of dict object at 0x72a9b0d836c0> | Operating System |
| hitachienergy | relion_650_firmware | * | <built-in method update of dict object at 0x72a9994a8b80> | Operating System |
| hitachienergy | relion_650_firmware | 1.1 | <built-in method update of dict object at 0x72a9ccf9b9c0> | Operating System |
| hitachienergy | relion_650_firmware | 1.2 | <built-in method update of dict object at 0x72a9ccf99100> | Operating System |
| hitachienergy | relion_650_firmware | 2.1 | <built-in method update of dict object at 0x72a9ccf9afc0> | Operating System |
| hitachienergy | relion_sam600-io_firmware | * | <built-in method update of dict object at 0x72a9ccf988c0> | Operating System |
| hitachienergy | rtu500_firmware | 7.0 | <built-in method update of dict object at 0x72a9ccf996c0> | Operating System |
| hitachienergy | rtu500_firmware | 8.0 | <built-in method update of dict object at 0x72a9b0d8e7c0> | Operating System |
| hitachienergy | rtu500_firmware | 9.0 | <built-in method update of dict object at 0x72a9994aa540> | Operating System |
| hitachienergy | rtu500_firmware | 10.0 | <built-in method update of dict object at 0x72a9cd09fe40> | Operating System |
| hitachienergy | rtu500_firmware | 11.0 | <built-in method update of dict object at 0x72a9b0d82d40> | Operating System |
| hitachienergy | rtu500_firmware | 12.0 | <built-in method update of dict object at 0x72aa27660700> | Operating System |
| hitachienergy | reb500_firmware | * | <built-in method update of dict object at 0x72a9cce75bc0> | Operating System |
| hitachienergy | reb500_firmware | * | <built-in method update of dict object at 0x72a99be561c0> | Operating System |
| hitachienergy | reb500_firmware | * | <built-in method update of dict object at 0x72a9b0d8d3c0> | Operating System |
| hitachienergy | fox615_tego1_firmware | * | <built-in method update of dict object at 0x72a9b0df7880> | Operating System |
| hitachienergy | modular_switchgear_monitoring_firmware | * | <built-in method update of dict object at 0x72a963c68c40> | Operating System |
| hitachienergy | gms600_firmware | * | <built-in method update of dict object at 0x72a9cce770c0> | Operating System |
| hitachienergy | pwc600_firmware | * | <built-in method update of dict object at 0x72a961ec2580> | Operating System |
| hitachienergy | pwc600_firmware | * | <built-in method update of dict object at 0x72a9cc582ac0> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:1.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:7.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:8.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:9.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:10.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:11.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:12.0:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:gms600_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:pwc600_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:pwc600_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:* |