CVE-2022-3864 in Relion 650info

Summary

by MITRE • 01/04/2024

A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservation

11/04/2022

Disclosure

01/04/2024

Moderation

accepted

Entry

VDB-222725

CPE

ready

CWE

CWE-345 (confirmed)

CVSS

4.5 (VulDB)

EPSS

0.00033

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-3864
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-3864
CVE Details	https://www.cvedetails.com/cve/CVE-2022-3864/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!