ABB Relion 670 Series

Risk Summary

Successful exploitation of this vulnerability may allow an attacker to read and delete files on the device.

CVEs (1)

Remediations

• ABB recommends users update to the following or later versions at earliest convenience if IEC 61850 is used: Relion 670 series version 1p1r27
• ABB recommends users update to the following or later versions at earliest convenience if IEC 61850 is used: Relion 670 series version 1.2.3.18
• ABB recommends users update to the following or later versions at earliest convenience if IEC 61850 is used: Relion 670 series version 2.0.0.11 (RES670 2.0.0.5)
• ABB recommends users update to the following or later versions at earliest convenience if IEC 61850 is used: Relion 670 series version 2.1.0.2
• Updates can be ordered by email at: [email protected]
• The only known workaround for this vulnerability is to disable IEC 61850 protocol when not in use. If this is not possible, ABB recommends having a proper security architecture that divides the system in different security zones, and revising the firewall configurations to limit the usage of MMS protocol to the relevant upper networks.
• IEC 61850 MMS protocol uses Port 102/TCP.
• Process control systems are physically protected from direct access by unauthorized personnel.
• Process control systems have no direct connections to the Internet.
• Process control systems are separated from other networks by means of a firewall system that has a minimal number of ports/services exposed.
• Process control systems should not be used for Internet surfing instant messaging or receiving e-mails.
• Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
• If IEC 61850 protocol isn’t used make sure it is disabled. This removes the vulnerability.
• For more information see the ABB Cybersecurity Advisory 1MRG024910

Affected Vendors

Affected Products (4)

Affected Sectors

Critical Manufacturing, Energy