Hitachi Energy Updates

Your review has been sent successfully

1882

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

5 December, 2021

● High

2021-3974

All

Description:

Hitachi Energy has released security updates to address several vulnerabilities in the following products:

RTU500 series
- RTU500 series CMU Firmware Version 12.0: All versions
- RTU500 series CMU Firmware Version 12.2: All versions
- RTU500 series CMU Firmware Version 12.4: All versions
- RTU500 series CMU Firmware: Version 11.*
- RTU500 series CMU Firmware: Version 12.6.*
- RTU500 series CMU Firmware: Version 12.7.*
- RTU500 series CMU Firmware: Version 13.0.*
- RTU500 series CMU Firmware: Version 13.1.*
- RTU500 series CMU Firmware: Version 13.2.1
Relion
- Relion 670/650 series: All revisions of Version 2.2.0
- Relion 670/650/SAM600-IO series: All revisions of Version 2.2.1
- Relion 670 series: All revisions of Version 2.2.2
- Relion 670 series: All revisions of Version 2.2.3 until 2.2.3.3
- Relion 670/650 series: All revisions of Version 2.2.4
APM
- APM Edge Version 1.0
- APM Edge Version 2.0
- APM Edge Version 3.0
PCM600 Update Manager
- PCM600 Update Manager: Versions 2.1, 2.1.0.4, 2.2, 2.2.0.1, 2.2.0.2, 2.2.0.23, 2.3.0.60, 2.4.20041.1, and 2.4.20119.2

Threats:

Attacker could exploit these vulnerabilities by doing the following:

Best practice and Recommendations:

The CERT team encourages users to review Hitachi Energy security advisory and apply the necessary updates:

CERT teams recommends the following counter measures:

Minimizing network exposure for all control system devices and/or systems
Locating control system networks and devices behind firewalls and isolating them from the enterprise/business network
When remote access is required, use secure methods such as virtual private networks (VPNs)

Last updated at 5 December, 2021