QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-3353

Back to search

CVE-2022-3353

Published: Feb 21, 2023

Modified: Mar 12, 2025

PUBLISHED

CVSS v3.1

5.9

MEDIUM

Description

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.  An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.  Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:* * cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*

VendorProductVersions

Hitachi Energy

FOX61x TEGO1

unaffected
tego1_r16a11
affected
tego1_r15b08
affected
tego1_r2a16_03
affected
tego1_r2a16
affected
tego1_r1e01

+3 more versions

Hitachi Energy

GMS600

affected
GMS600 1.3

Hitachi Energy

ITT600 SA Explorer

affected
ITT600 SA Explorer 1.1.0
affected
ITT600 SA Explorer 1.1.1
affected
ITT600 SA Explorer 1.1.2
affected
ITT600 SA Explorer 1.5.0
affected
ITT600 SA Explorer 1.5.1

+14 more versions

Hitachi Energy

MicroSCADA X SYS600

affected
SYS600 10
affected
SYS600 10.1
affected
SYS600 10.1.1
affected
SYS600 10.2
affected
SYS600 10.2.1

+4 more versions

Hitachi Energy

MSM

affected
MSM 2.2.3;0

Hitachi Energy

PWC600

affected
PWC600 1.0
affected
PWC600 1.1
affected
PWC600 1.2

Hitachi Energy

REB500

affected
REB500 7.0 - < 7.*
affected
REB500 8.0 - < 8.*
unaffected
REB500 8.3.3.0

Hitachi Energy

Relion® 670

affected
Relion 670 1.2
affected
Relion 670 2.0
affected
Relion 670 version 2.1
affected
Relion 670 2.2.0
affected
Relion 670 2.2.1

+4 more versions

Hitachi Energy

Relion® 650

affected
Relion 650 1.1
affected
Relion 650 1.3
affected
Relion 650 2.1
affected
Relion 650 2.2.0
affected
Relion 650 2.2.1

+4 more versions

Hitachi Energy

SAM600-IO

affected
Relion SAM600-IO 2.2.1
affected
Relion SAM600-IO 2.2.5

Hitachi Energy

RTU500

affected
RTU500 12.0.1 - <= 12.0.14
unaffected
RTU500 12.0.15
affected
RTU500 12.2.1 - <= 12.2.11
unaffected
RTU500 12.2.12
affected
RTU500 12.4.1 - <= 12.4.11

+11 more versions

Hitachi Energy

TXpert Hub CoreTec 4

affected
CoreTec 4 version 2.0.*
affected
CoreTec 4 version 2.1.*
affected
CoreTec 4 version 2.2.*
affected
CoreTec 4 version 2.3.*
affected
CoreTec 4 version 2.4.*

+1 more versions

Hitachi Energy

TXpert Hub CoreTec 5

affected
CoreTec 5 version 3.0.*

Weaknesses (CWE)

CWE-404

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now