A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary |
en
CWE-404
|
| [email protected] | Primary |
en
CWE-404
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| hitachienergy | sys600_firmware | * | <built-in method update of dict object at 0x72a9b0929f40> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9b0dcf300> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9b0dcd0c0> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9cd07b2c0> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9b092a480> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9b092a600> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9b0dce6c0> | Operating System |
| hitachienergy | rtu500_firmware | * | <built-in method update of dict object at 0x72a9b0dcd880> | Operating System |
| hitachienergy | rtu500_firmware | 13.4.1 | <built-in method update of dict object at 0x72a9cd0793c0> | Operating System |
| hitachienergy | reb500_firmware | * | <built-in method update of dict object at 0x72a9b0929780> | Operating System |
| hitachienergy | pwc600_firmware | 1.0 | <built-in method update of dict object at 0x72a9cd07ba00> | Operating System |
| hitachienergy | pwc600_firmware | 1.1 | <built-in method update of dict object at 0x72a9b0dce680> | Operating System |
| hitachienergy | pwc600_firmware | 1.2 | <built-in method update of dict object at 0x72a9b0dce200> | Operating System |
| hitachienergy | modular_switchgear_monitoring_firmware | * | <built-in method update of dict object at 0x72a9b0c12d00> | Operating System |
| hitachienergy | itt600_sa_explorer | 1.1.0 | <built-in method update of dict object at 0x72a9a23a2c80> | Application |
| hitachienergy | itt600_sa_explorer | 1.1.1 | <built-in method update of dict object at 0x72a9b0929640> | Application |
| hitachienergy | itt600_sa_explorer | 1.1.2 | <built-in method update of dict object at 0x72a9ccf89580> | Application |
| hitachienergy | itt600_sa_explorer | 1.5.0 | <built-in method update of dict object at 0x72a9ccf8be00> | Application |
| hitachienergy | itt600_sa_explorer | 1.5.1 | <built-in method update of dict object at 0x72a9b0dcea00> | Application |
| hitachienergy | itt600_sa_explorer | 1.6.0 | <built-in method update of dict object at 0x72a9b0dcd980> | Application |
| hitachienergy | itt600_sa_explorer | 1.6.0.1 | <built-in method update of dict object at 0x72a9cd07b700> | Application |
| hitachienergy | itt600_sa_explorer | 1.7.0 | <built-in method update of dict object at 0x72a9cd07bd80> | Application |
| hitachienergy | itt600_sa_explorer | 1.7.2 | <built-in method update of dict object at 0x72a9b0dce7c0> | Application |
| hitachienergy | itt600_sa_explorer | 1.8.0 | <built-in method update of dict object at 0x72a9b0c13100> | Application |
| hitachienergy | itt600_sa_explorer | 2.0.1 | <built-in method update of dict object at 0x72a9b0dce100> | Application |
| hitachienergy | itt600_sa_explorer | 2.0.2 | <built-in method update of dict object at 0x72a9a23a0f80> | Application |
| hitachienergy | itt600_sa_explorer | 2.0.3 | <built-in method update of dict object at 0x72a9ccf88fc0> | Application |
| hitachienergy | itt600_sa_explorer | 2.0.4.1 | <built-in method update of dict object at 0x72a9cd079640> | Application |
| hitachienergy | itt600_sa_explorer | 2.0.5.0 | <built-in method update of dict object at 0x72a9b0dcdb40> | Application |
| hitachienergy | itt600_sa_explorer | 2.0.5.4 | <built-in method update of dict object at 0x72a9b0aacbc0> | Application |
| hitachienergy | itt600_sa_explorer | 2.1.0.4 | <built-in method update of dict object at 0x72a9b0aac5c0> | Application |
| hitachienergy | itt600_sa_explorer | 2.1.0.5 | <built-in method update of dict object at 0x72a9b0aaf080> | Application |
| hitachienergy | relion_sam600-io_firmware | 2.2.1 | <built-in method update of dict object at 0x72a9b0aae980> | Operating System |
| hitachienergy | relion_sam600-io_firmware | 2.2.5 | <built-in method update of dict object at 0x72a9b0aafec0> | Operating System |
| hitachienergy | relion_650_firmware | 1.1 | <built-in method update of dict object at 0x72a9b0aae000> | Operating System |
| hitachienergy | relion_650_firmware | 1.3 | <built-in method update of dict object at 0x72a9b0aac580> | Operating System |
| hitachienergy | relion_650_firmware | 2.1 | <built-in method update of dict object at 0x72a9b0aac2c0> | Operating System |
| hitachienergy | relion_650_firmware | 2.2.0 | <built-in method update of dict object at 0x72a9b0aafd00> | Operating System |
| hitachienergy | relion_650_firmware | 2.2.1 | <built-in method update of dict object at 0x72a9b0aad580> | Operating System |
| hitachienergy | relion_650_firmware | 2.2.2 | <built-in method update of dict object at 0x72a9b0aae840> | Operating System |
| hitachienergy | relion_650_firmware | 2.2.3 | <built-in method update of dict object at 0x72a9b0aaf980> | Operating System |
| hitachienergy | relion_650_firmware | 2.2.4 | <built-in method update of dict object at 0x72a9b0aaf700> | Operating System |
| hitachienergy | relion_650_firmware | 2.2.5 | <built-in method update of dict object at 0x72a9b0aad080> | Operating System |
| hitachienergy | relion_670_firmware | 1.2 | <built-in method update of dict object at 0x72a9b0aaec40> | Operating System |
| hitachienergy | relion_670_firmware | 2.0 | <built-in method update of dict object at 0x72a9b0aacdc0> | Operating System |
| hitachienergy | relion_670_firmware | 2.1 | <built-in method update of dict object at 0x72a9b0aafd80> | Operating System |
| hitachienergy | relion_670_firmware | 2.2.0 | <built-in method update of dict object at 0x72a9b0aafe00> | Operating System |
| hitachienergy | relion_670_firmware | 2.2.1 | <built-in method update of dict object at 0x72a9b0aaf280> | Operating System |
| hitachienergy | relion_670_firmware | 2.2.2 | <built-in method update of dict object at 0x72a9b0929340> | Operating System |
| hitachienergy | relion_670_firmware | 2.2.3 | <built-in method update of dict object at 0x72a9b0dccb80> | Operating System |
| hitachienergy | relion_670_firmware | 2.2.4 | <built-in method update of dict object at 0x72a9b0dcf180> | Operating System |
| hitachienergy | relion_670_firmware | 2.2.5 | <built-in method update of dict object at 0x72a9b0dcce40> | Operating System |
| hitachienergy | gms600_firmware | 1.3.0 | <built-in method update of dict object at 0x72a9b092b5c0> | Operating System |
| hitachienergy | fox615_tego1_firmware | r1b02 | <built-in method update of dict object at 0x72a9b0dcf200> | Operating System |
| hitachienergy | fox615_tego1_firmware | r1c07 | <built-in method update of dict object at 0x72a9b0dcea40> | Operating System |
| hitachienergy | fox615_tego1_firmware | r1d02 | <built-in method update of dict object at 0x72a9b0dcc600> | Operating System |
| hitachienergy | fox615_tego1_firmware | r1e01 | <built-in method update of dict object at 0x72a9b0dce000> | Operating System |
| hitachienergy | fox615_tego1_firmware | r2b16 | <built-in method update of dict object at 0x72a9b0dcec80> | Operating System |
| hitachienergy | fox615_tego1_firmware | r2b16_03 | <built-in method update of dict object at 0x72a9b0dcc840> | Operating System |
| hitachienergy | fox615_tego1_firmware | r15b08 | <built-in method update of dict object at 0x72a9b0dced00> | Operating System |
| hitachienergy | txpert_hub_coretec_4_firmware | * | <built-in method update of dict object at 0x72a9b0dcda00> | Operating System |
| hitachienergy | txpert_hub_coretec_5_firmware | 3.0.0 | <built-in method update of dict object at 0x72a9b0929000> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:sys600_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:sys600:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:pwc600_firmware:1.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:pwc600_firmware:1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:pwc600_firmware:1.2:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.3:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.4.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.5:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:1.3:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.3:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:1.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:gms600_firmware:1.3.0:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1b02:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1c07:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1d02:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1e01:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16_03:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r15b08:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:txpert_hub_coretec_5_firmware:3.0.0:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:txpert_hub_coretec_5:-:*:*:*:*:*:*:* |