Unrated severityNVD Advisory· Published Nov 18, 2021· Updated Sep 16, 2024

Insufficient Security Control Vulnerability

CVE-2021-35535

Description

Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions.

Affected products

Hitachi/Relion 670/650 and SAM600-IO seriescpe-rescue
Range: 2.2.1 all revisions
Hitachi/Relion 670/650cpe-rescue
Range: 2.2.0 all revisions
Hitachi Energy/Relion 670 Seriesv5
Range: 2.2.2 all revisions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

search.abb.com/library/Download.aspxmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000