CISA reports critical flaw in Hitachi Energy Relion devices

Hitachi Energy has patched security vulnerabilities in its Relion 670, 650 series, and SAM600-IO intelligent electronic devices (IEDs) that could allow remote attackers to cause memory corruption on affected systems. 

These  devices are primarily deployed in the energy sector across critical infrastructure installations worldwide. The devices serve as protection relays and control systems for power generation, transmission, and distribution networks, making their security crucial for maintaining grid stability and preventing cascading failures.

Vulnerability summary:

• CVE-2020-35198 (CVSS score 9.8) - Integer overflow in Wind River VxWorks 7 memory allocator affecting multiple memory functions.
• CVE-2020-28895 (CVSS score 7.3) - Integer overflow in Wind River VxWorks memory allocator calloc() function 

The vulnerable systems include 

• Relion 670 series versions from 1.1 through 2.2.5.1,
• Relion 650 series versions from 1.0 through 2.2.5.1,
• SAM600-IO series version 2.2.5 up to revision 2.2.5.1. 

Hitachi Energy has released firmware updates to address both vulnerabilities across all affected product lines. The company provides specific update paths for each affected version, with recommendations to upgrade to the latest available firmware revision. 

For Relion 670/650/SAM600-IO series version 2.2.5, users should update to revision 2.2.5.2 or later. Update paths are provided for versions 2.2.4 (upgrade to 2.2.4.3), 2.2.3 (upgrade to 2.2.3.5), 2.2.2 (upgrade to 2.2.2.5), and 2.2.1 (upgrade to 2.2.1.8). For older versions from 1.1 through 2.2.0, users are directed to consult the mitigation factors and workaround sections of the security advisory for current mitigation strategies.

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at the time of the advisory publication.