Hitachi Energy Updates
1882Warning Date
Severity Level
Warning Number
Target Sector
5 December, 2021
● High
2021-3974
All
Description:
Hitachi Energy has released security updates to address several vulnerabilities in the following products:
- RTU500 series
- RTU500 series CMU Firmware Version 12.0: All versions
- RTU500 series CMU Firmware Version 12.2: All versions
- RTU500 series CMU Firmware Version 12.4: All versions
- RTU500 series CMU Firmware: Version 11.*
- RTU500 series CMU Firmware: Version 12.6.*
- RTU500 series CMU Firmware: Version 12.7.*
- RTU500 series CMU Firmware: Version 13.0.*
- RTU500 series CMU Firmware: Version 13.1.*
- RTU500 series CMU Firmware: Version 13.2.1
- Relion
- Relion 670/650 series: All revisions of Version 2.2.0
- Relion 670/650/SAM600-IO series: All revisions of Version 2.2.1
- Relion 670 series: All revisions of Version 2.2.2
- Relion 670 series: All revisions of Version 2.2.3 until 2.2.3.3
- Relion 670/650 series: All revisions of Version 2.2.4
- APM
- APM Edge Version 1.0
- APM Edge Version 2.0
- APM Edge Version 3.0
- PCM600 Update Manager
- PCM600 Update Manager: Versions 2.1, 2.1.0.4, 2.2, 2.2.0.1, 2.2.0.2, 2.2.0.23, 2.3.0.60, 2.4.20041.1, and 2.4.20119.2
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Improper Input Validation
- Denial of service attack (DoS)
- Unauthorized disclosure of information
Best practice and Recommendations:
The CERT team encourages users to review Hitachi Energy security advisory and apply the necessary updates:
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000064&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000056&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000057&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=8DBD000061&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?utm_campaign=2021.11_5282_Cybersecurity%20
CERT teams recommends the following counter measures:
- Minimizing network exposure for all control system devices and/or systems
- Locating control system networks and devices behind firewalls and isolating them from the enterprise/business network
- When remote access is required, use secure methods such as virtual private networks (VPNs)