
Hitachi Energy Relion 670, 650 and SAM600-IO Series Buffer Overflow During Update Process – CVE-2022-3864
- by Nozomi Networks
- March 3, 2023
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service..
Sewio RTLS Studio Use of Hard-coded Password – CVE-2022-45444
- by Nozomi Networks
- February 8, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 and later contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access.
Sewio RTLS Studio Improper Input Validation – CVE-2022-43455
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software. This could allow an attacker to start, stop, or restart arbitrary services running on the server.
Sewio RTLS Studio Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) – CVE-2022-46733
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands.
Sewio RTLS Studio Improper Input Validation – CVE-2022-47917
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition.
Sewio RTLS Studio Cross-Site Request Forgery (CSRF) – CVE-2022-47395
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenance operations and cause a denial-of-service condition.
Sewio RTLS Studio Cross-Site Request Forgery (CSRF) – CVE-2022-45127
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition.
Sewio RTLS Studio Out-of-bounds Write – CVE-2022-41989
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 and later does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service condition or code execution.
Sewio RTLS Studio Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) – CVE-2022-43483
- by Nozomi Networks
- February 7, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.
Threat Intelligence
Curated and maintained by Nozomi Networks Labs, the Threat Intelligence™ service provides threat and vulnerability updates to Guardian, making it easy for IT/OT professionals to stay on top of current OT and IoT risks.

Threat actors love finding new ways to attack critical infrastructure. We love finding new ways to detect their malware before damage occurs.
Andrea Carcano & Moreno Carullo
Co-founders, Nozomi Networks