Vulnerabilities > CVE-2021-22283 - Improper Initialization vulnerability in ABB products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

abb

CWE-665

NVD

Published: 2023-02-28

Updated: 2023-11-07

Summary

Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays - 611 series: from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2.

Vulnerable Configurations

Part	Description	Count
OS	Abb ABB Smu615 Firmware - ABB Rec615 Firmware - ABB Rer615 Firmware - ABB Evd4 Firmware * ABB Ref615R Firmware * ABB Rex640 Pcl3 Firmware - ABB Rex640 Pcl2 Firmware - ABB Rex640 Pcl1 Firmware - ABB Rex640 Pcl1 Firmware 1.0.7 ABB Rer620 Firmware * ABB Relion 611 Firmware * ABB Ref615 IEC Firmware * ABB Ref615 Ansi Firmware * ABB Red615 IEC Firmware * ABB Relion 615 IEC Firmware * ABB Relion 615 CN Firmware * ABB Relion 615 Ansi Firmware * ABB Relion 620 IEC Firmware * ABB Relion 620 CN Firmware * ABB Relion 620 Ansi Firmware *	20
Hardware	Abb ABB Smu615 - ABB Rec615 - ABB Rer615 - ABB Evd4 - ABB Ref615R - ABB Rex640 Pcl3 - ABB Rex640 Pcl2 - ABB Rex640 Pcl1 - ABB Rer620 - ABB Relion 611 - ABB Ref615 IEC 1.0 ABB Ref615 IEC 1.1 ABB Ref615 Ansi 1.0 ABB Ref615 Ansi 1.1 ABB Red615 IEC 1.1 ABB Relion 615 IEC 2.0 ABB Relion 615 IEC 3.0 ABB Relion 615 IEC 4.0 ABB Relion 615 IEC 5.0 ABB Relion 615 CN 2.0 ABB Relion 615 CN 3.0 ABB Relion 615 CN 3.1 ABB Relion 615 CN 4.0 ABB Relion 615 CN 5.0 ABB Relion 615 Ansi 2.0 ABB Relion 615 Ansi 4.0 ABB Relion 615 Ansi 5.0 ABB Relion 620 IEC 2.0 ABB Relion 620 CN 2.0 ABB Relion 620 Ansi -	37

Common Weakness Enumeration (CWE)

CWE-665 - Improper Initialization

Common Attack Pattern Enumeration and Classification (CAPEC)

Leveraging Race Conditions
This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001147&LanguageCode=en&DocumentPartId=&Action=Launch