CVE-2021-35535
Insufficient Security Control Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to get access to the front network port and to cause a reboot sequences of the device may exploit the vulnerability, where there is a tiny time gap during the booting process where an older version of VxWorks is loaded prior to application firmware booting, could exploit the vulnerability in the older version of VxWorks and cause a denial-of-service on the product. This issue affects: Hitachi Energy Relion 670 Series 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.3. Hitachi Energy Relion 670/650 Series 2.2.0 all revisions; 2.2.4 all revisions. Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions.
Una vulnerabilidad Insecure Boot Image en Hitachi Energy Relion Relion 670/650/SAM600-IO series permite que un atacante que consiga acceder al puerto de red frontal y causar una secuencia de reinicio del dispositivo pueda explotar la vulnerabilidad, donde se presenta un pequeño espacio de tiempo durante el proceso de arranque en el que se carga una versión antigua de VxWorks antes del arranque del firmware de la aplicación, podría explotar la vulnerabilidad de la versión antigua de VxWorks y causar una denegación de servicio en el producto. Este problema afecta a: Hitachi Energy Relion 670 Series versiones 2.2.2 todas las revisiones; versiones 2.2.3 versiones anteriores a 2.2.3.3. Hitachi Energy Relion 670/650 Series versiones 2.2.0 todas las revisiones; versiones 2.2.4 todas las revisiones. Hitachi Energy Relion 670/650/SAM600-IO versiones 2.2.1 todas las revisiones.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-06-28 CVE Reserved
- 2021-11-18 CVE Published
- 2024-07-20 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1188: Initialization of a Resource with an Insecure Default
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hitachienergy Search vendor "Hitachienergy" | Relion 670 Firmware Search vendor "Hitachienergy" for product "Relion 670 Firmware" | >= 2.2.3 <= 2.2.3.3 Search vendor "Hitachienergy" for product "Relion 670 Firmware" and version " >= 2.2.3 <= 2.2.3.3" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 670 Search vendor "Hitachienergy" for product "Relion 670" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 670 Firmware Search vendor "Hitachienergy" for product "Relion 670 Firmware" | 2.2.0 Search vendor "Hitachienergy" for product "Relion 670 Firmware" and version "2.2.0" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 670 Search vendor "Hitachienergy" for product "Relion 670" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 670 Firmware Search vendor "Hitachienergy" for product "Relion 670 Firmware" | 2.2.1 Search vendor "Hitachienergy" for product "Relion 670 Firmware" and version "2.2.1" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 670 Search vendor "Hitachienergy" for product "Relion 670" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 670 Firmware Search vendor "Hitachienergy" for product "Relion 670 Firmware" | 2.2.2 Search vendor "Hitachienergy" for product "Relion 670 Firmware" and version "2.2.2" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 670 Search vendor "Hitachienergy" for product "Relion 670" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 670 Firmware Search vendor "Hitachienergy" for product "Relion 670 Firmware" | 2.2.4 Search vendor "Hitachienergy" for product "Relion 670 Firmware" and version "2.2.4" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 670 Search vendor "Hitachienergy" for product "Relion 670" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 650 Firmware Search vendor "Hitachienergy" for product "Relion 650 Firmware" | 2.2.0 Search vendor "Hitachienergy" for product "Relion 650 Firmware" and version "2.2.0" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 650 Search vendor "Hitachienergy" for product "Relion 650" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 650 Firmware Search vendor "Hitachienergy" for product "Relion 650 Firmware" | 2.2.1 Search vendor "Hitachienergy" for product "Relion 650 Firmware" and version "2.2.1" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 650 Search vendor "Hitachienergy" for product "Relion 650" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion 650 Firmware Search vendor "Hitachienergy" for product "Relion 650 Firmware" | 2.2.4 Search vendor "Hitachienergy" for product "Relion 650 Firmware" and version "2.2.4" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion 650 Search vendor "Hitachienergy" for product "Relion 650" | - | - |
Safe
|
| Hitachienergy Search vendor "Hitachienergy" | Relion Sam600-io Firmware Search vendor "Hitachienergy" for product "Relion Sam600-io Firmware" | 2.2.1 Search vendor "Hitachienergy" for product "Relion Sam600-io Firmware" and version "2.2.1" | - |
Affected
| in | Hitachienergy Search vendor "Hitachienergy" | Relion Sam600-io Search vendor "Hitachienergy" for product "Relion Sam600-io" | - | - |
Safe
|