CVE-2021-35535— Hitachi Energy Relion 系列安全漏洞

Insufficient Security Control Vulnerability

Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions.

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

不安全的默认资源初始化

Hitachi Energy Relion 系列安全漏洞

Hitachi Energy Relion是瑞士日立能源（Hitachi Energy）公司的用于保护，控制，测量和监视为电力系统。 Hitachi Energy Relion Relion 670/650/SAM600-IO 系列中存在安全漏洞，该漏洞允许攻击者设法访问前端网络端口并导致设备重启序列。此问题影响：Hitachi Energy Relion 670 Series 2.2.2 所有版本；2.2.3.3 之前的 2.2.3 版本。Hitachi Energy Relion 670/650 系列

N/A

N/A