This advisory describes
an improper input validation vulnerability in the Hitachi ABB Power Grids Relion 670, 650, and SAM600-IO; REB500;
RTU500; FOX615 (TEGO1); MSM; GMS600; PWC600 products. The vulnerability was
reported by Markus Mahrla, of GAI NetConsult and Lars Lengersdorf, of Amprion.
Hitachi ABB has revisions that mitigate the vulnerability. There is no
indication that the researchers have been provided an opportunity to verify the
efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to reboot the device regularly,
resulting in a denial-of-service condition. During the reboot phase, the
primary functionality of the device is not available.
NOTE: Hitachi ABB published separate advisories for each of the
affected product lines.