Vulnerability Details : CVE-2022-3353
A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*
Products affected by CVE-2022-3353
- cpe:2.3:o:hitachienergy:sys600_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 13.3.1 and up to, including, (<=) 13.3.3cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 13.2.1.0 and up to, including, (<=) 13.2.5.0cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 12.6.1.0 and up to, including, (<=) 12.6.8.0cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 12.4.1.0 and up to, including, (<=) 12.4.11.0cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 12.0.1.0 and up to, including, (<=) 12.0.14.0cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 12.7.1.0 and up to, including, (<=) 12.7.4.0cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- Hitachienergy » Rtu500 FirmwareVersions from including (>=) 12.2.1.0 and up to, including, (<=) 12.2.11.0cpe:2.3:o:hitachienergy:rtu500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:pwc600_firmware:1.0:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:pwc600_firmware:1.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:pwc600_firmware:1.2:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:1.3:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:1.2:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:gms600_firmware:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1b02:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1c07:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1d02:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1e01:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16_03:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r15b08:*:*:*:*:*:*:*
- Hitachienergy » Txpert Hub Coretec 4 FirmwareVersions from including (>=) 2.0.0 and up to, including, (<=) 3.0.0cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hitachienergy:txpert_hub_coretec_5_firmware:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-3353
0.75%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-3353
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
Hitachi Energy | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2022-3353
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by:
- cybersecurity@hitachienergy.com (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2022-3353
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
-
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory
Jump to