Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2022-3353

Disclosure Date: February 21, 2023
CVE-2022-3353 CVSS v3 Base Score: 7.5
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. 

An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. 

Already existing/established client-server connections are not affected.

List of affected CPEs:

  • cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:::::::*
  • cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:::::::*
  • cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:::::::*
  • cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:::::::*
  • cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:::::::*
  • cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:::::::*
  • cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:::::::*
  • cpe:2.3:a:hitachienergy:gms600:1.3.0:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.:::::::
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.:::::::
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.:::::::
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::*
  • cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.:::::::
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::*
  • cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:::::::*
  • cpe:2.3:a:hitachienergy:mms:2.2.3:::::::*
  • cpe:2.3:a:hitachienergy:pwc600:1.0:::::::*
  • cpe:2.3:a:hitachienergy:pwc600:1.1:::::::*
  • cpe:2.3:a:hitachienergy:pwc600:1.2:::::::*
  • cpe:2.3:o:hitachienergy:reb500:7::::::::
  • cpe:2.3:o:hitachienergy:reb500:8:::::::*
  • cpe:2.3:o:hitachienergy:relion670:1.2.:::::::
  • cpe:2.3:o:hitachienergy:relion670:2.0.:::::::
  • cpe:2.3:o:hitachienergy:relion650:1.1.:::::::
  • cpe:2.3:o:hitachienergy:relion650:1.3.:::::::
  • cpe:2.3:o:hitachienergy:relion650:2.1.:::::::
  • cpe:2.3:o:hitachienergy:relion670:2.1.:::::::
  • cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:::::::*
  • cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:::::::*
  • cpe:2.3:o:hitachienergy:relion670:2.2.:::::::
  • cpe:2.3:o:hitachienergy:relion650:2.2.:::::::
  • cpe:2.3:o:hitachienergy:rtu500cmu:12..:::::::*
  • cpe:2.3:a:hitachienergy:rtu500cmu:13..:::::::*
  • cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.:::::::
  • cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:::::::*
  • cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
FOX61x TEGO1 not down converted
GMS600 GMS600 1.3
ITT600 SA Explorer not down converted
MicroSCADA X SYS600 not down converted
MSM MSM 2.2.3;0
PWC600 PWC600 1.0
PWC600 PWC600 1.1
PWC600 PWC600 1.2
REB500 not down converted
Relion® 670 Relion 670 1.2
Relion® 670 Relion 670 2.0
Relion® 670 Relion 670 version 2.1
Relion® 670 Relion 670 2.2.0
Relion® 670 Relion 670 2.2.1
Relion® 670 Relion 670 2.2.2
Relion® 670 Relion 670 2.2.3
Relion® 670 Relion 670 2.2.4
Relion® 670 Relion 670 2.2.5
Relion® 650 Relion 650 1.1
Relion® 650 Relion 650 1.3
Relion® 650 Relion 650 2.1
Relion® 650 Relion 650 2.2.0
Relion® 650 Relion 650 2.2.1
Relion® 650 Relion 650 2.2.2
Relion® 650 Relion 650 2.2.3
Relion® 650 Relion 650 2.2.4
Relion® 650 Relion 650 2.2.5
SAM600-IO Relion SAM600-IO 2.2.1
SAM600-IO Relion SAM600-IO 2.2.5
RTU500 not down converted
TXpert Hub CoreTec 4 CoreTec 4 version 2.0.*
TXpert Hub CoreTec 4 CoreTec 4 version 2.1.*
TXpert Hub CoreTec 4 CoreTec 4 version 2.2.*
TXpert Hub CoreTec 4 CoreTec 4 version 2.3.*
TXpert Hub CoreTec 4 CoreTec 4 version 2.4.*
TXpert Hub CoreTec 4 CoreTec 4 version 3.0.*
TXpert Hub CoreTec 5 CoreTec 5 version 3.0.*
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

Products

Technical Analysis