CVE-2022-3864
First published: Thu Jan 04 2024(Updated: )
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service.
Credit: cybersecurity@hitachienergy.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Hitachi Energy Relion 650 Firmware | =2.2.0 | |
| Hitachi Energy Relion 650 Firmware | =2.2.1 | |
| Hitachi Energy Relion 650 Firmware | =2.2.4 | |
| Hitachi Energy Relion 650 Firmware | =2.2.5 | |
| Hitachi Energy Relion 650 Firmware | ||
| All of | ||
| Any of | ||
| Hitachienergy Relion 670 Firmware | =2.2.0 | |
| Hitachienergy Relion 670 Firmware | =2.2.1 | |
| Hitachienergy Relion 670 Firmware | =2.2.2 | |
| Hitachienergy Relion 670 Firmware | =2.2.3 | |
| Hitachienergy Relion 670 Firmware | =2.2.4 | |
| Hitachienergy Relion 670 Firmware | =2.2.5 | |
| Hitachi Energy Relion 670 | ||
| All of | ||
| Hitachi Energy Relion Sam600-io | =2.2.1 | |
| Hitachi Energy Relion Sam600-io |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-3864?
CVE-2022-3864 is considered to have a moderate severity level that could allow a tampered update package to cause device instability.
How do I fix CVE-2022-3864?
To fix CVE-2022-3864, ensure that you are using the latest patched firmware version provided by Hitachi Energy.
What products are affected by CVE-2022-3864?
CVE-2022-3864 affects specific versions of Hitachi Energy's Relion 650 and 670 firmware, as well as the Relion Sam600-io firmware.
Can CVE-2022-3864 be exploited remotely?
CVE-2022-3864 requires an attacker to first gain access with security privileges to exploit the vulnerability.
What should I do if I suspect exploitation of CVE-2022-3864?
If you suspect exploitation of CVE-2022-3864, immediately perform a security audit and update your firmware to the latest version.
- agent/type
- agent/event
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/hitachienergy
- canonical/hitachi energy relion 650 firmware
- version/hitachi energy relion 650 firmware/2.2.0
- version/hitachi energy relion 650 firmware/2.2.1
- version/hitachi energy relion 650 firmware/2.2.4
- version/hitachi energy relion 650 firmware/2.2.5
- canonical/hitachienergy relion 670 firmware
- version/hitachienergy relion 670 firmware/2.2.0
- version/hitachienergy relion 670 firmware/2.2.1
- version/hitachienergy relion 670 firmware/2.2.2
- version/hitachienergy relion 670 firmware/2.2.3
- version/hitachienergy relion 670 firmware/2.2.4
- version/hitachienergy relion 670 firmware/2.2.5
- canonical/hitachi energy relion 670
- canonical/hitachi energy relion sam600-io
- version/hitachi energy relion sam600-io/2.2.1