VAR-202106-0959
Vulnerability from variot - Updated: 2023-04-22 23:07Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1. A remote attacker could exploit this vulnerability to force the device to reboot
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0959",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "reb500",
"scope": "lt",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "8.2.0.5"
},
{
"model": "reb500",
"scope": "gte",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "7.3"
},
{
"model": "reb500",
"scope": "lt",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "7.60.19"
},
{
"model": "relion 670",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.3.2"
},
{
"model": "pwc600",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "1.0"
},
{
"model": "relion 670",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.0.0.13"
},
{
"model": "relion 650",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "2.1"
},
{
"model": "relion 650",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.1.6"
},
{
"model": "rtu500",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "10.0"
},
{
"model": "relion 670",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "1.2.3"
},
{
"model": "relion 650",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.0"
},
{
"model": "relion 650",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.1"
},
{
"model": "pwc600",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "1.0.1.4"
},
{
"model": "relion 650",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "1.3"
},
{
"model": "relion 670",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "1.2.3.20"
},
{
"model": "pwc600",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "1.1.0.1"
},
{
"model": "gms600",
"scope": "lte",
"trust": 1.0,
"vendor": "abb",
"version": "1.3.0"
},
{
"model": "rtu500",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "12.0"
},
{
"model": "rtu500",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "9.0"
},
{
"model": "relion 670",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.3"
},
{
"model": "relion 650",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.0.13"
},
{
"model": "fox615 tego1",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "r2a16"
},
{
"model": "relion sam600-io",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.1.6"
},
{
"model": "relion 650",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "1.2"
},
{
"model": "relion 670",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.0"
},
{
"model": "relion 670",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "1.1"
},
{
"model": "relion 650",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "1.3.0.7"
},
{
"model": "pwc600",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "1.1"
},
{
"model": "rtu500",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "8.0"
},
{
"model": "rtu500",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "7.0"
},
{
"model": "reb500",
"scope": "gte",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "8.3"
},
{
"model": "relion 670",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.2.3"
},
{
"model": "relion 670",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.1.6"
},
{
"model": "relion 670",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.2"
},
{
"model": "reb500",
"scope": "lte",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "8.3.1.0"
},
{
"model": "relion 670",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.1"
},
{
"model": "relion sam600-io",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.1"
},
{
"model": "rtu500",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "11.0"
},
{
"model": "relion 670",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "2.1"
},
{
"model": "relion 670",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.0"
},
{
"model": "modular switchgear monitoring",
"scope": "lt",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "2.1.0"
},
{
"model": "relion 650",
"scope": "eq",
"trust": 1.0,
"vendor": "abb",
"version": "1.1"
},
{
"model": "relion 670",
"scope": "lt",
"trust": 1.0,
"vendor": "abb",
"version": "2.2.0.13"
},
{
"model": "reb500",
"scope": "gte",
"trust": 1.0,
"vendor": "hitachienergy",
"version": "8.2"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27196"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.3.20",
"versionStartIncluding": "1.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.0.13",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.0.13",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.2.3",
"versionStartIncluding": "2.2.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.3.2",
"versionStartIncluding": "2.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abb:relion_670:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.3.20",
"versionStartIncluding": "1.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.0.13",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.0.13",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.2.3",
"versionStartIncluding": "2.2.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.3.2",
"versionStartIncluding": "2.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_670_firmware:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:abb:relion_670:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3.0.7",
"versionStartIncluding": "1.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.0.13",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abb:relion_650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3.0.7",
"versionStartIncluding": "1.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.0.13",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:relion_650_firmware:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:abb:relion_650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:relion_sam600-io_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abb:relion_sam600-io:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:relion_sam600-io_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1.6",
"versionStartIncluding": "2.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:abb:relion_sam600-io:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:rtu500_firmware:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.60.19",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.0.5",
"versionStartIncluding": "8.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.3.1.0",
"versionStartIncluding": "8.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.60.19",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.0.5",
"versionStartIncluding": "8.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:reb500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.3.1.0",
"versionStartIncluding": "8.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:reb500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:fox615_tego1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r2a16",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:fox615_tego1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r2a16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:fox615_tego1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hitachienergy:modular_switchgear_monitoring_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hitachienergy:modular_switchgear_monitoring:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:gms600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abb:gms600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:gms600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:abb:gms600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:pwc600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:pwc600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.1.0.1",
"versionStartIncluding": "1.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abb:pwc600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:pwc600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:abb:pwc600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.1.0.1",
"versionStartIncluding": "1.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:abb:pwc600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27196"
}
]
},
"cve": "CVE-2021-27196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-27196",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-27196",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-27196",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-350",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1. A remote attacker could exploit this vulnerability to force the device to reboot",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"db": "VULMON",
"id": "CVE-2021-27196"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-27196",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-21-096-01",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1160",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-350",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27196",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-27196"
},
{
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"id": "VAR-202106-0959",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5625
},
"last_update_date": "2023-04-22T23:07:33.304000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ABB Relion Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146523"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a8934\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a9059\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a8936\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a9057\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a8937\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a9058\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "https://search.abb.com/library/download.aspx?documentid=9akk107991a8932\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-096-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1160"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199519"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-27196"
},
{
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-27196"
},
{
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-14T22:15:00",
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"date": "2021-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-19T15:32:00",
"db": "NVD",
"id": "CVE-2021-27196"
},
{
"date": "2021-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ABB Relion Input validation error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-350"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…