PT-2019-15297 · Ge · Relion 670 Series+1
Published
2019-11-27
·
Updated
2023-05-16
·
CVE-2019-18247
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Relion 650 series versions 1.3.0.5 and prior
Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior
Description
An attacker may use a specially crafted message to force the device to reboot, which could cause a denial of service.
Recommendations
For Relion 650 series versions 1.3.0.5 and prior, update to a version later than 1.3.0.5 to resolve the issue.
For Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior, update to a version later than 2.1.0.1 to resolve the issue.
As a temporary workaround, consider implementing network traffic filtering to restrict specially crafted messages until a patch is available.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Relion 650 Series
Relion 670 Series