Detections
Analytics

Hitachi Energy Relion 670/650/SAM600-IO Series Improper Validation of Specified Quantity in Input (CVE-2023-4518)

high Tenable OT Security Plugin ID 501845

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability exists in the input validation of the GOOSE messages where out of range values received and processed by the IED caused a reboot of the device. In order for an attacker to exploit the vulnerability, goose receiving blocks need to be configured.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Hitachi Energy identified the following specific workarounds and mitigations users can apply to reduce risk:

- Relion 670 series Version 2.0 up to, but not including, 2.2.2.14: Update to Version 2.2.2.14
- Relion 670/650 series Version 2.1 revisions up to, but not including, 2.1.0.6: Update to Version 2.1.0.6
- Relion 670 series Version 2.2.2.x up to, but not including, 2.2.2.6: Update to Version 2.2.2.6
- Relion 670 series Version 2.2.3.x up to, but not including, 2.2.3.7: Update to Version 2.2.3.7
- Relion 670/650 series Version 2.2.4.x up to, but not including, 2.2.4.4: Update to Version 2.2.4.4
- Relion 670/650/SAM600-IO series Version 2.2.5.6 up to, but not including, 2.2.5.6: Update to Version 2.2.5.6
- Relion 670 series Version 2.2.0 all revisions and Relion 670/650/SAM600-IO series Version 2.2.1 all revisions: Apply general mitigations.

For more information see the associated Hitachi Energy PSIRT security advisory 8DBD000170 Cybersecurity Advisory - Improper Input Validation Vulnerability in Hitachi Energy's Relion® 670/650/SAM600-IO series Product.

See Also

http://www.nessus.org/u?6376cfa8

https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-02

Plugin Details

Severity: High

ID: 501845

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 12/20/2023

Updated: 6/6/2025

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-4518

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:hitachienergy:relion_670_firmware:2

Required KB Items: Tenable.ot/ABB

Exploit Ease: No known exploits are available

Patch Publication Date: 12/1/2023

Vulnerability Publication Date: 12/1/2023

Reference Information

CVE: CVE-2023-4518

CWE: 1284, 20