A critical vulnerability affecting some Relion protection devices from ABB can be exploited to take control of a device or cause it to become inoperable, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) warned last week.
The flaw affects Relion 670 series devices made by Swiss-based industrial technology solutions provider ABB. These products provide protection and control capabilities for electrical substations and, according to CISA, they are used worldwide in the energy and critical manufacturing sectors.
Advisories published by CISA and ABB — ABB published an advisory on October 22 — the security hole is tracked as CVE-2019-18253 and it has a CVSS score of 10.
