CVE-2021-27196: Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB...

Description

Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

1.57%

72.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Hitachienergy	Relion 670 Firmware	>= 1.2.3, < 1.2.3.20
Hitachienergy	Relion 670 Firmware	>= 2.0, < 2.0.0.13
Hitachienergy	Relion 670 Firmware	>= 2.2.0, < 2.2.0.13
Hitachienergy	Relion 670 Firmware	>= 2.2.1, < 2.2.1.6
Hitachienergy	Relion 670 Firmware	>= 2.2.2, < 2.2.2.3
Hitachienergy	Relion 670 Firmware	>= 2.2.3, < 2.2.3.2
Hitachienergy	Relion 670 Firmware	1.1
Hitachienergy	Relion 670 Firmware	2.1
Hitachienergy	Relion 650 Firmware	>= 1.3, < 1.3.0.7
Hitachienergy	Relion 650 Firmware	>= 2.2.0, < 2.2.0.13
Hitachienergy	Relion 650 Firmware	>= 2.2.1, < 2.2.1.6
Hitachienergy	Relion 650 Firmware	1.1
Hitachienergy	Relion 650 Firmware	1.2
Hitachienergy	Relion 650 Firmware	2.1
Hitachienergy	Relion Sam600-Io Firmware	>= 2.2.1, < 2.2.1.6
Hitachienergy	Rtu500 Firmware	7.0
Hitachienergy	Rtu500 Firmware	8.0
Hitachienergy	Rtu500 Firmware	9.0
Hitachienergy	Rtu500 Firmware	10.0
Hitachienergy	Rtu500 Firmware	11.0
Hitachienergy	Rtu500 Firmware	12.0
Hitachienergy	Reb500 Firmware	>= 7.3, < 7.60.19
Hitachienergy	Reb500 Firmware	>= 8.2, < 8.2.0.5
Hitachienergy	Reb500 Firmware	>= 8.3, <= 8.3.1.0
Hitachienergy	Fox615 Tego1 Firmware	< r2a16
Hitachienergy	Modular Switchgear Monitoring Firmware	< 2.1.0
Hitachienergy	Gms600 Firmware	<= 1.3.0
Hitachienergy	Pwc600 Firmware	>= 1.0, < 1.0.1.4
Hitachienergy	Pwc600 Firmware	>= 1.1, < 1.1.0.1

References

Timeline

Published: Jun 14, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2021-27196?

Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.

How severe is CVE-2021-27196?

CVE-2021-27196 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.57% probability of exploitation in the next 30 days.

How do I fix CVE-2021-27196?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.