Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

CVE-2021-22283

Disclosure Date: February 28, 2023
CVE-2021-22283 CVSS v3 Base Score: 5.5
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Improper Initialization vulnerability in ABB Relion protection relays – 611 series, ABB Relion protection relays – 615 series IEC 4.0 FP1, ABB Relion protection relays – 615 series CN 4.0 FP1, ABB Relion protection relays – 615 series IEC 5.0, ABB Relion protection relays – 615 series IEC 5.0 FP1, ABB Relion protection relays – 620 series IEC/CN 2.0, ABB Relion protection relays – 620 series IEC/CN 2.0 FP1, ABB Relion protection relays – REX640 PCL1, ABB Relion protection relays – REX640 PCL2, ABB Relion protection relays – REX640 PCL3, ABB Relion protection relays – RER615, ABB Remote Monitoring and Control – REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays – 611 series: from 1.0.0 before 2.0.3; Relion protection relays – 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays – 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays – 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays – 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays – 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays – 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays – REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays – REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays – REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays – RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control – REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
5.5 Medium
Impact Score:
3.6
Exploitability Score:
1.8
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Relion protection relays - 611 series 2.0.3
Relion protection relays - 615 series IEC 4.0 FP1 4.1.9
Relion protection relays - 615 series CN 4.0 FP1 4.1.8
Relion protection relays - 615 series IEC 5.0 5.0.12
Relion protection relays - 615 series IEC 5.0 FP1 5.1.20
Relion protection relays - 620 series IEC/CN 2.0 2.0.11
Relion protection relays - 620 series IEC/CN 2.0 FP1 2.1.15
Relion protection relays - REX640 PCL1 1.0.8
Relion protection relays - REX640 PCL2 1.1.4
Relion protection relays - REX640 PCL3 1.2.1
Relion protection relays - RER615 2.0.3
Remote Monitoring and Control - REC615 2.0.3
Merging Unit- SMU615 1.0.2
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis