ICSA-20-294-02  ·  Published 2020-10-20

Hitachi ABB Power Grids XMC20 Multiservice-Multiplexer

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to remotely take control of the product.

CVEs (1)

Remediations

  • Hitachi ABB Power Grids has corrected the problem in the following product versions and recommends users apply the firmware update at the earliest availability:
  • XMC20 R4: COGE5 Version co5ne_r1h07_12.esw (and newer)
  • XMC20 R6: COGE5 Version co5ne_r2d14_03.esw (and newer)
  • For additional information and support please contact a product provider or a Hitachi ABB Power Grids service organization.
  • Hitachi ABB Power Grids published cybersecurity advisory PGVU-PGGA-XMC20-2020034 to give users more information about this issue.
  • Physically protect process control systems from direct access by unauthorized personnel.
  • Do not directly connect control systems to the Internet.
  • Separate control systems from other networks by means of a firewall system that has a minimal number of ports exposed.
  • Do not use control systems networks for Internet browsing, instant messaging, or receiving e-mails.
  • Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.

Affected Vendors

Hitachi Energy

Affected Products (2)

Hitachi Energy · XMC20 R6 using COGE5 < co5ne_r2d14_03.esw
Hitachi Energy · XMC20 R4 using COGE5 < co5ne_r1h07_12.esw

Affected Sectors

Energy Sector
