CVE-2022-3353

CVSS V2 None CVSS V3 None
Description
A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
Overview
  • CVE ID
  • CVE-2022-3353
  • Assigner
  • cybersecurity@hitachienergy.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-21T14:15:13
  • Last Modified Date
  • 2023-04-19T15:40:54
Weakness Enumerations
CWE URL
CWE-404 http://cwe.mitre.org/data/definitions/404.html
CWE-404 http://cwe.mitre.org/data/definitions/404.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:abb:sys600_firmware:*:*:*:*:*:*:*:* 1 OR 10.1 10.3.1
cpe:2.3:h:abb:sys600:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 12.0.1.0 12.0.14.0
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 12.2.1.0 12.2.11.0
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 12.4.1.0 12.4.11.0
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 12.6.1.0 12.6.8.0
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 12.7.1.0 12.7.4.0
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 13.2.1.0 13.2.5.0
cpe:2.3:o:abb:rtu500_firmware:*:*:*:*:*:*:*:* 1 OR 13.3.1 13.3.3
cpe:2.3:o:abb:rtu500_firmware:13.4.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:abb:rtu500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:reb500_firmware:*:*:*:*:*:*:*:* 1 OR 7.0 8.3.3
cpe:2.3:h:abb:reb500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hitachi:pwc600_firmware:1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:pwc600_firmware:1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:pwc600_firmware:1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:hitachi:pwc600:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:* 1 OR 2.2.3
cpe:2.3:h:abb:modular_switchgear_monitoring:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:hitachi:itt600_sa_explorer:1.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.5.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.0.4.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.0.5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.0.5.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* 1 OR
AND
cpe:2.3:o:hitachi:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_sam600-io_firmware:2.2.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:hitachi:relion_sam600-io:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hitachi:relion_650_firmware:1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.2.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.2.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.2.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_650_firmware:2.2.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:hitachi:relion_650:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hitachi:relion_670_firmware:1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.2.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.2.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.2.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hitachi:relion_670_firmware:2.2.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:hitachi:relion_670:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hitachi:gms600_firmware:1.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:hitachi:gms600:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:fox615_tego1_firmware:r1b02:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:abb:fox615_tego1_firmware:r1c07:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:abb:fox615_tego1_firmware:r1d02:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:abb:fox615_tego1_firmware:r1e01:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:abb:fox615_tego1_firmware:r2b16:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:abb:fox615_tego1_firmware:r2b16_03:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:abb:fox615_tego1_firmware:r15b08:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:abb:fox615_tego1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:* 1 OR 2.0.0 3.0.0
cpe:2.3:h:abb:txpert_hub_coretec_4:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:abb:txpert_hub_coretec_5_firmware:3.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:abb:txpert_hub_coretec_5:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-3353
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3353
History
Created Old Value New Value Data Type Notes
2023-04-17 08:02:32 Added to TrackCVE
2023-04-17 08:02:33 Weakness Enumeration new
2023-04-19 16:02:14 2023-04-19T15:40:54 CVE Modified Date updated