Sign-up

ID

VAR-202302-1726


CVE

CVE-2022-3353


TITLE

Hitachi Energy FOX61x Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202302-1698

DESCRIPTION

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*

Trust: 0.99

sources: NVD: CVE-2022-3353 // VULMON: CVE-2022-3353

AFFECTED PRODUCTS

vendor:hitachimodel:relion 670scope:eqversion:2.2.0

Trust: 1.0

vendor:hitachimodel:pwc600scope:eqversion:1.2

Trust: 1.0

vendor:hitachimodel:gms600scope:eqversion:1.3.0

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:12.4.11.0

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:12.0.14.0

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.2.3

Trust: 1.0

vendor:abbmodel:modular switchgear monitoringscope:lteversion:2.2.3

Trust: 1.0

vendor:abbmodel:sys600scope:gteversion:10.1

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.2.1

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.1

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:12.7.1.0

Trust: 1.0

vendor:abbmodel:txpert hub coretec 4scope:lteversion:3.0.0

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:12.2.1.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.0.2

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.2.5

Trust: 1.0

vendor:hitachimodel:pwc600scope:eqversion:1.0

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r1b02

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.0.5.0

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.2.2

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.2.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.0.5.4

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r1d02

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.5.0

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r1e01

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:13.3.1

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:12.6.1.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.0.1

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.7.0

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.1

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r2b16

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.6.0.1

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.6.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.1.1

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.0.3

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.1.0.4

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r2b16_03

Trust: 1.0

vendor:abbmodel:sys600scope:lteversion:10.3.1

Trust: 1.0

vendor:abbmodel:reb500scope:gteversion:7.0

Trust: 1.0

vendor:hitachimodel:pwc600scope:eqversion:1.1

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:12.0.1.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.1.0.5

Trust: 1.0

vendor:hitachimodel:relion sam600-ioscope:eqversion:2.2.1

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:1.3

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.0

Trust: 1.0

vendor:abbmodel:rtu500scope:eqversion:13.4.1

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.2.2

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r15b08

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:13.2.5.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.8.0

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.2.4

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:1.1

Trust: 1.0

vendor:abbmodel:txpert hub coretec 5scope:eqversion:3.0.0

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:12.4.1.0

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:13.3.3

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.2.3

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.1.2

Trust: 1.0

vendor:hitachimodel:relion sam600-ioscope:eqversion:2.2.5

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.2.1

Trust: 1.0

vendor:abbmodel:txpert hub coretec 4scope:gteversion:2.0.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.5.1

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.7.2

Trust: 1.0

vendor:abbmodel:reb500scope:ltversion:8.3.3

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:12.7.4.0

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:1.2

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:12.2.11.0

Trust: 1.0

vendor:abbmodel:rtu500scope:gteversion:13.2.1.0

Trust: 1.0

vendor:abbmodel:rtu500scope:lteversion:12.6.8.0

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:1.1.0

Trust: 1.0

vendor:abbmodel:fox615 tego1scope:eqversion:r1c07

Trust: 1.0

vendor:hitachimodel:itt600 sa explorerscope:eqversion:2.0.4.1

Trust: 1.0

vendor:hitachimodel:relion 670scope:eqversion:2.2.5

Trust: 1.0

vendor:hitachimodel:relion 650scope:eqversion:2.2.4

Trust: 1.0

sources: NVD: CVE-2022-3353

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-3353
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202302-1698
value: HIGH

Trust: 0.6

NVD: CVE-2022-3353
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202302-1698 // NVD: CVE-2022-3353

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.0

sources: NVD: CVE-2022-3353

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202302-1698

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202302-1698

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-3353

PATCH
title:Hitachi Energy FOX61x Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqbyid.tag?id=229715
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202302-1698

EXTERNAL IDS
db:NVDid:CVE-2022-3353
Trust: 1.7
db:AUSCERTid:ESB-2023.1901
Trust: 0.6
db:CNNVDid:CNNVD-202302-1698
Trust: 0.6
db:VULMONid:CVE-2022-3353
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-3353 // 
            
            
            
            CNNVD: CNNVD-202302-1698 // 
            
            
            
            NVD: CVE-2022-3353

REFERENCES
url:https://search.abb.com/library/download.aspx?documentid=8dbd000129&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000126&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000131&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000130&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000128&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000125&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000132&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000133&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000127&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://search.abb.com/library/download.aspx?documentid=8dbd000124&languagecode=en&documentpartid=&action=launch
Trust: 1.7
url:https://cxsecurity.com/cveshow/cve-2022-3353/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2023.1901
Trust: 0.6
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-3353 // 
            
            
            
            CNNVD: CNNVD-202302-1698 // 
            
            
            
            NVD: CVE-2022-3353

SOURCES
db:VULMONid:CVE-2022-3353
db:CNNVDid:CNNVD-202302-1698
db:NVDid:CVE-2022-3353

LAST UPDATE DATE
2023-04-04T22:24:41.418000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2022-3353date:2023-02-21T00:00:00
db:CNNVDid:CNNVD-202302-1698date:2023-04-03T00:00:00
db:NVDid:CVE-2022-3353date:2023-03-21T18:11:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2022-3353date:2023-02-21T00:00:00
db:CNNVDid:CNNVD-202302-1698date:2023-02-21T00:00:00
db:NVDid:CVE-2022-3353date:2023-02-21T14:15:00