PatchSiren cyber security CVE debrief
CVE-2022-4304 OpenSSL CVE debrief
CVE-2022-4304 is a timing-based RSA decryption side channel. In the advisory corpus, CISA maps the issue to Hitachi Energy Relion 670/650/SAM600-IO series and states that an attacker who can send many trial decryptions may be able to recover plaintext, potentially enough to decrypt data from an observed TLS connection.
- Vendor
- OpenSSL
- Product
- SINEC NMS
- CVSS
- MEDIUM 5.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-02-13
- Original CVE updated
- 2024-03-12
- Advisory published
- 2024-02-13
- Advisory updated
- 2024-03-12
Who should care
OT/ICS operators using Hitachi Energy Relion 670/650/SAM600-IO devices, asset owners responsible for firmware/version management, and security teams protecting RSA/TLS-exposed industrial environments should treat this as relevant. It also matters to any team validating whether a deployed device falls inside the affected version ranges.
Technical summary
The underlying flaw is described as a timing-based side channel in OpenSSL RSA decryption. The advisory says the attack can support a Bleichenbacher-style recovery of plaintext after a very large number of trial messages. The stated impact is confidentiality: a successful attacker could recover a pre-master secret from an observed connection and then decrypt application data from that session. The advisory calls out all RSA padding modes named in the description, and the CVSS vector is AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N.
Defensive priority
Medium, with higher urgency for any exposed or externally reachable RSA/TLS use in the affected product families.
Recommended defensive actions
- Validate whether any deployed devices match the affected product families and version ranges listed in the advisory.
- Update Relion 670/650/SAM600-IO deployments to the vendor-fixed versions: 2.2.1.9 or later, 2.2.2.6 or later, 2.2.3.7 or later, 2.2.4.4 or later, or 2.2.5.6 or later, as applicable.
- For Relion 670/650 series version 2.2.0 all revisions, apply the advisory's General Mitigation Factors.
- Follow CISA ICS recommended practices and defense-in-depth guidance while planning and validating remediation.
- Prioritize remediation on systems where RSA-based services are exposed to broader network access or where session confidentiality is especially sensitive.
- Track the advisory update history, since CISA republished and updated the guidance after the initial 2023-06-27 disclosure.
Evidence notes
The supplied CISA CSAF advisory and the CVE description both identify a timing-based side channel in OpenSSL RSA decryption that can be used in a Bleichenbacher-style attack after many trial messages. The machine-readable advisory maps the issue to Hitachi Energy Relion 670/650/SAM600-IO series and provides affected version ranges plus fixed versions. The record was initially published on 2023-06-27 and the latest supplied update is 2026-03-17; those dates describe advisory handling, not the original vulnerability discovery date.
Official resources
-
CVE-2022-4304 CVE record
CVE.org
-
CVE-2022-4304 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Public disclosure date in the supplied record is 2023-06-27. The advisory was updated multiple times afterward, with the latest supplied modification on 2026-03-17, including updated affected-version and remediation guidance.