ABB mitigated an OpenSSL vulnerability in its Relion 650 series application after issuing maintenance Release 650 series Ver 18.104.22.168, according to a report on ICS-CERT.
Exploits that target this remotely exploitable vulnerability are publicly available. The ABB Relion 650 series Ver 1.3.0 suffers from the issue.
A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64 kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.
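The bounds check described above, shown as an added example that is not ABB's or OpenSSL's code: a heartbeat responder that discards any request whose claimed payload length does not fit inside the record that actually arrived. The names hb_respond and hb_demo are hypothetical; the message layout and the 16-byte minimum padding are assumed from RFC 6520.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST   1
#define HB_RESPONSE  2
#define HB_HEADER    3   /* 1-byte type + 2-byte payload_length */
#define HB_PADDING  16   /* minimum padding (assumed from RFC 6520) */

/* Build a heartbeat response from a received record of rec_len bytes.
 * Returns the response length, or 0 when the request must be discarded. */
size_t hb_respond(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING || rec[0] != HB_REQUEST)
        return 0;
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];   /* sender-controlled */
    /* The bounds check: the claimed payload must fit inside the record that
     * was received. Without it, the copy below would read past rec. */
    if (HB_HEADER + claimed + HB_PADDING > rec_len)
        return 0;
    size_t resp_len = HB_HEADER + claimed + HB_PADDING;
    if (resp_len > out_cap)
        return 0;
    out[0] = HB_RESPONSE;
    memcpy(out + 1, rec + 1, 2 + claimed);             /* echo length field and payload */
    memset(out + HB_HEADER + claimed, 0, HB_PADDING);  /* real stacks use random padding */
    return resp_len;
}

/* Constructed sample input: a request carrying `sent` payload bytes whose
 * length field says `claimed`. Returns what hb_respond() decides. */
size_t hb_demo(uint16_t claimed, size_t sent)
{
    uint8_t rec[256] = {0}, out[256];
    if (sent > sizeof rec - HB_HEADER - HB_PADDING)
        return 0;
    rec[0] = HB_REQUEST;
    rec[1] = (uint8_t)(claimed >> 8);
    rec[2] = (uint8_t)(claimed & 0xff);
    memset(rec + HB_HEADER, 'A', sent);
    return hb_respond(rec, HB_HEADER + sent + HB_PADDING, out, sizeof out);
}

int main(void)
{
    printf("honest: %zu bytes, over-claimed: %zu bytes\n", hb_demo(4, 4), hb_demo(0x4000, 4));
    return 0;
}
```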
ABB is a Swiss-based company that maintains offices around the world. ABB develops products that are deployed worldwide in multiple critical sectors.
The affected product, the 650 series Ver 1.3.0 family, provides protection, control, measurement, and supervision of power systems, specifically supporting bay control, transformer protection, line distance protection, generator protection, busbar protection, and breaker protection. These products support electrical sector SCADA systems.
The 650 series Ver 1.3.0 devices use a vulnerable version of OpenSSL, 1.0.1c. This affects parts of the FTPS protocol and the tool access protocol. Both of these protocols use the OpenSSL component.
CVE-2014-0160 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 5.0.
An attacker with moderate skill would be able to exploit this vulnerability.
The ABB cybersecurity team issued a Cyber Security Advisory and software maintenance Release 650 series Ver. 22.214.171.124 to provide adequate protection to ABB 650 series customers. ABB recommends that users apply this maintenance release based on a risk assessment and the exposure of the system.
For more information, see the ABB Cyber Security Advisory on the ABB Cyber Security Alerts & Notifications web page.
Contact your local ABB customer support to obtain patch and installation support.
If user-defined accounts were used, their passwords should be changed. In addition, cryptographic keys should be regenerated by temporarily changing the IP address or IEC61850 name of the device.
Additional information is available from the ABB service organizations.