CVE-2022-3864

Name of the Vulnerable Software and Affected Versions Relion (affected versions not specified)

Description A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart, resulting in a temporary Denial of Service. An attacker could exploit this issue by gaining access to the system with security privileges and attempting to update the IED with a malicious update package. After the restart, the device returns to normal operation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.