Tuesday, April 6, 2021

1 Advisory Published – 4-6-21

This advisory describes an improper input validation vulnerability in the Hitachi ABB Power Grids  Relion 670, 650, and SAM600-IO; REB500; RTU500; FOX615 (TEGO1); MSM; GMS600; PWC600 products. The vulnerability was reported by Markus Mahrla, of GAI NetConsult and Lars Lengersdorf, of Amprion. Hitachi ABB has revisions that mitigate the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerability to reboot the device regularly, resulting in a denial-of-service condition. During the reboot phase, the primary functionality of the device is not available.

NOTE: Hitachi ABB published separate advisories for each of the affected product lines.

Relion 670, 650, and SAM600-IO

REB500

RTU500

FOX615 (TEGO1)

MSM

GMS600

PWC600

No comments:

 
/* Use this with templates/template-twocol.html */