CVE-2022-3353 - Vulnerability Details

A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.

An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.

Already existing/established client-server connections are not affected.

List of affected CPEs:

* cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:gms600:1.3.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:mms:2.2.3:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.1:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:pwc600:1.2:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:reb500:7:*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:reb500:8:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:1.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.0.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:1.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:1.3.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:2.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.1.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion670:2.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:relion650:2.2.*:*:*:*:*:*:*:*
* cpe:2.3:o:hitachienergy:rtu500cmu:12.*.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:rtu500cmu:13.*.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.*:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:*:*:*:*:*:*:*
* cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:*:*:*:*:*:*:*

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00331.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Hitachienergy	Fox615 Tego1 Fox615 Tego1 Firmware Gms600 Gms600 Firmware Itt600 Sa Explorer Modular Switchgear Monitoring Modular Switchgear Monitoring Firmware Pwc600 Pwc600 Firmware Reb500 Reb500 Firmware Relion 650 Relion 650 Firmware Relion 670 Relion 670 Firmware Relion Sam600-io Relion Sam600-io Firmware Rtu500 Rtu500 Firmware Sys600 Sys600 Firmware Txpert Hub Coretec 4 Txpert Hub Coretec 4 Firmware Txpert Hub Coretec 5 Txpert Hub Coretec 5 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hitachienergy:sys600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:sys600:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1:::::::*

cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:hitachienergy:pwc600_firmware:1.0:::::::*
	cpe:2.3:o:hitachienergy:pwc600_firmware:1.1:::::::*
	cpe:2.3:o:hitachienergy:pwc600_firmware:1.2:::::::*

cpe:2.3:h:hitachienergy:pwc600:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:*

Configuration 6 [-]

OR	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.2:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.2:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.3:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.4.1:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.0:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.5.4:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::*
	cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::*

Configuration 7 [-]

AND

OR	cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_sam600-io_firmware:2.2.5:::::::*

cpe:2.3:h:hitachienergy:relion_sam600-io:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

OR	cpe:2.3:o:hitachienergy:relion_650_firmware:1.1:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:1.3:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.0:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.2:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.3:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.4:::::::*
	cpe:2.3:o:hitachienergy:relion_650_firmware:2.2.5:::::::*

cpe:2.3:h:hitachienergy:relion_650:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

OR	cpe:2.3:o:hitachienergy:relion_670_firmware:1.2:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.0:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.0:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.1:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.2:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.3:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.4:::::::*
	cpe:2.3:o:hitachienergy:relion_670_firmware:2.2.5:::::::*

cpe:2.3:h:hitachienergy:relion_670:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hitachienergy:gms600_firmware:1.3.0:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:gms600:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1b02:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1c07:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1d02:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r1e01:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r2b16_03:::::::*
	cpe:2.3:o:hitachienergy:fox615_tego1_firmware:r15b08:::::::*

cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hitachienergy:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:txpert_hub_coretec_4:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hitachienergy:txpert_hub_coretec_5_firmware:3.0.0:*:*:*:*:*:*:*

cpe:2.3:h:hitachienergy:txpert_hub_coretec_5:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-42738	A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections. Already existing/established client-server connections are not affected. List of affected CPEs: * cpe:2.3:o:hitachienergy:fox61x_tego1:r15b08:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16_3:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r2a16:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1e01:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1d02:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1c07:::::::* * cpe:2.3:o:hitachienergy:fox61x_tego1:r1b02:::::::* * cpe:2.3:a:hitachienergy:gms600:1.3.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.1.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.5.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.6.0.1:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.7.2:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:1.8.0:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.0.::::::: * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.4:::::::* * cpe:2.3:a:hitachienergy:itt600_sa_explorer:2.1.0.5:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.::::::: * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::* * cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4.1:::::::* * cpe:2.3:a:hitachienergy:mms:2.2.3:::::::* * cpe:2.3:a:hitachienergy:pwc600:1.0:::::::* * cpe:2.3:a:hitachienergy:pwc600:1.1:::::::* * cpe:2.3:a:hitachienergy:pwc600:1.2:::::::* * cpe:2.3:o:hitachienergy:reb500:7:::::::: * cpe:2.3:o:hitachienergy:reb500:8:::::::* * cpe:2.3:o:hitachienergy:relion670:1.2.::::::: * cpe:2.3:o:hitachienergy:relion670:2.0.::::::: * cpe:2.3:o:hitachienergy:relion650:1.1.::::::: * cpe:2.3:o:hitachienergy:relion650:1.3.::::::: * cpe:2.3:o:hitachienergy:relion650:2.1.::::::: * cpe:2.3:o:hitachienergy:relion670:2.1.::::::: * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.1:::::::* * cpe:2.3:o:hitachienergy:relionSAM600-IO:2.2.5:::::::* * cpe:2.3:o:hitachienergy:relion670:2.2.::::::: * cpe:2.3:o:hitachienergy:relion650:2.2.::::::: * cpe:2.3:o:hitachienergy:rtu500cmu:12..:::::::* * cpe:2.3:a:hitachienergy:rtu500cmu:13..:::::::* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:2.::::::: * cpe:2.3:a:hitachienergy:txpert_hub_coretec_4:3.0:::::::* * cpe:2.3:a:hitachienergy:txpert_hub_coretec_5:3.0:::::::*

Fixes

Solution

Upgrade the system once remediated version is available.

Workaround

Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000124&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000125&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000126&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000127&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000128&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000129&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000130&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000131&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000132&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000133&LanguageCode=en&DocumentPartId=&Action=Launch

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00331}`	epss `{'score': 0.0034}`

Wed, 12 Mar 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2023-02-21T13:50:46.145Z

Updated: 2025-03-12T15:17:11.275Z

Reserved: 2022-09-28T12:22:08.645Z

Link: CVE-2022-3353

Vulnrichment

Updated: 2024-08-03T01:07:06.451Z

NVD

Status : Modified

Published: 2023-02-21T14:15:13.463

Modified: 2024-11-21T07:19:21.390

Link: CVE-2022-3353

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object