OTPulse
FeedAboutContact

Ekip Com IEC61850 Vulnerability in 3rd Party Library

Monitor6.52crt000007Apr 29, 2025
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

A vulnerability in a third-party library used by Ekip Com IEC61850 allows an attacker with network access to send a crafted IEC 61850 protocol message that causes the communication gateway to stop responding on the network, interrupting remote monitoring and control of connected grid equipment. The vulnerability affects versions prior to 3.08.

What this means
What could happen
An attacker could cause the Ekip Com IEC61850 communication gateway to stop responding on the IEC 61850 network, interrupting remote monitoring and control of connected equipment such as substations or distribution devices.
Who's at risk
Organizations operating electric utilities, substations, or energy distribution networks that use ABB's Ekip Com IEC61850 communication gateway for remote monitoring and control of substation equipment should assess whether they are running vulnerable versions.
How it could be exploited
An attacker with network access to the Ekip Com IEC61850 device could send a specially crafted IEC 61850 protocol message that triggers a vulnerability in the third-party library, causing the device to fail or stop processing network communications.
Prerequisites
  • Network access to the Ekip Com IEC61850 device on the IEC 61850 network (typically port 102 or local network segment)
  • No authentication or credentials required
remotely exploitableno authentication requiredlow complexityaffects critical communications infrastructure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
Ekip Com IEC61850 < 3.08<3.083.08
Remediation & Mitigation
0/3
Do now
0/1
HARDENINGReview and apply defensive measures recommended in the Ekip Com IEC61850 product instruction manual, especially the 'Mitigation factors' section
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Ekip Com IEC61850 to version 3.08 or later
Long-term hardening
0/1
HARDENINGImplement network segmentation and access controls to restrict who can send IEC 61850 protocol messages to the Ekip Com device
View full ABB PSIRT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/0c61b45a-cf08-4c29-9e77-009983e8600c
Ekip Com IEC61850 Vulnerability in 3rd Party Library | CVSS 6.5 - OTPulse