CVE-2021-35535
Published: Nov 18, 2021
Modified: Sep 16, 2024
CVSS v3.1
8.1
Description
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions.
| Vendor | Product | Versions |
|---|---|---|
Hitachi Energy | Relion 670 Series | affected 2.2.2 all revisionsaffected 2.2.3 - < 2.2.3.3 |
Hitachi Energy | Relion 670/650 Series | affected 2.2.0 all revisionsaffected 2.2.4 all revisions |
Hitachi Energy | Relion 670/650/SAM600-IO | affected 2.2.1 all revisions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now