← volver
CVE-2022-3864

CVE-2022-3864

CVSS 4.5 MEDIUMEPSS 0.4%CWE-347
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.5EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
04 ene 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Productos afectados
Hitachi Energy · Relion 670/650/SAM600-IO Series

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000146&LanguageCode=en&DocumentPartId=&Action=Launch