Ekip Com IEC61850 Vulnerability in 3rd Party Library

MonitorCVSS 6.52crt000007Apr 29, 2025

ABB

Attack path

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

A vulnerability exists in a third-party library used by Ekip Com IEC61850 versions prior to 3.08. An attacker with access to the IEC 61850 network could send a specially crafted message that causes the device to stop communicating on the network. This affects the ability to monitor and control power equipment through the IEC 61850 gateway.

What this means

What could happen

An attacker could cause the Ekip Com IEC61850 gateway to stop communicating on the IEC 61850 network, preventing communication between substations and control centers and disrupting real-time monitoring and control of power equipment.

Who's at risk

This vulnerability affects power utilities and substations that rely on Ekip Com IEC61850 gateways for SCADA communication between substations and control centers. It is relevant to any organization using ABB's IEC 61850 gateway hardware for real-time monitoring and control of power grid assets.

How it could be exploited

An attacker with access to the local network segment where the Ekip Com device is connected could send a specially crafted IEC 61850 message that triggers a fault condition in a third-party library, causing the device to stop processing network communications.

Prerequisites

Network access to the IEC 61850 network segment where the Ekip Com device is deployed
No authentication required
Device must be running a vulnerable firmware version (prior to 3.08)

remotely exploitableno authentication requiredlow complexityaffects SCADA/ICS operationsno user interaction required

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

Ekip Com IEC61850 < 3.08<3.083.08

Remediation & Mitigation

0/3

Do now

0/1

HARDENINGRestrict network access to IEC 61850 ports to only authorized substations and control center connections

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Ekip Com IEC61850 to firmware version 3.08 or later

Long-term hardening

0/1

HARDENINGReview and apply defensive measures detailed in the Ekip Com IEC61850 product instruction manual 'Mitigation factors' section

CVEs (1)

CVE-2022-38138

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/0c61b45a-cf08-4c29-9e77-009983e8600c

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.