ICSA-21-096-01  ·  Published 2021-04-20

Hitachi Energy Relion 670, 650 and SAM600-IO

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could reboot the device regularly, resulting in a denial-of-service condition. The primary functionality of the device is not available during the reboot phase.

CVEs (1)

Remediations

  • Hitachi ABB Power Grids recommends users apply relevant updates at their earliest convenience. Please contact Hitachi ABB Power Grids to acquire firmware for a specific product version. Hitachi ABB Power Grids has created these new versions to address the vulnerability:
      • PWC600 Version 1.0.1.4
      • PWC600 Version 1.1.0.1
      • GMS600 Version 1.3.1
      • MSM Version 2.1.0+ (all older versions might be affected)
      • FOX615 TEGO1 Version R2A16 and later
      • REB500 7.6 Version 7.60.19
      • REB500 8.2 Version 8.2.0.5
      • REB500 8.3 Version 8.3.1.0
      • For REB500 7.3, 7.4, and 7.5, it is recommended to migrate to REB500 7.6 Version 7.60.19 or later.
      • RTU500 CMU firmware release 12.6.1.0
      • RTU500 CMU firmware release 12.4.10.0 (planned)
      • RTU500 CMU firmware release 12.2.11.0 (planned)
      • RTU500 CMU firmware release 12.0.14.0 (planned)
      • For RTU500 series release 11 and older, migration to the latest release 12 is recommended.
      • Relion 670 series Version 1.1: Please follow the recommendation listed in the mitigating factors section or upgrade to the latest product version. For upgrades, please contact Hitachi ABB Power Grids.
      • Relion 670 series Version 1.2.3: Fixed in revision 670 1.2.3.20
      • Relion 670 series Version 2.0: Fixed in revision 670 2.0.0.13
      • Relion 670 series Version 2.0: Planned
      • Relion 670 series Version 2.1: Planned
      • Relion 670/650 series Version 2.2.0: Fixed in revision 670 2.2.0.13
      • Relion 670/650/SAM600-IO series Version 2.2.1: Fixed in revision 670 2.2.1.6
      • Relion 670 series Version 2.2.2: Fixed in revision 670 2.2.2.3
      • Relion 670 series Version 2.2.3: Fixed in revision 670 2.2.3.2
      • Relion 650 series Version 1.1: Planned
      • Relion 650 series Version 1.2: Please follow the recommendation listed in the mitigating factors section or upgrade to product Version 1.3. For upgrades, please contact Hitachi ABB Power Grids.
      • Relion 650 series Version 1.3: Fixed in revision 650 1.3.0.7
  • Not connecting the affected products to any station network through the LAN port (optical or RJ45) should make the above attack physically impossible. The functionality of the system would then have to be maintained by giving switching commands through hardwired binary inputs. This vulnerability affects only products with IEC 61850 interfaces:
      • Relion 670, 650, and SAM600-IO
      • REB500
      • RTU500
      • FOX615 (TEGO1)
      • MSM
      • GMS600
      • PWC600
  • Recommended security practices and firewall configurations can help protect a process control network from attacks originating from outside the network. Such practices include process control systems that are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system with a minimal number of ports exposed. Other systems should be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving emails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
  • More information on recommended practices can be found in the cybersecurity deployment guidelines for each product version.

Affected Vendors

Hitachi Energy

Affected Products (4)

Hitachi Energy · Relion 670 series 1.1 | 1.2.3 | 2.0 | 2.1 | 2.2.2 | 2.2.3
Hitachi Energy · Relion 670/650 series Version 2.2.0
Hitachi Energy · Relion 670/650/SAM600-IO series Version 2.2.1
Hitachi Energy · Relion 650 series 1.1 | 1.2 | 1.3

Affected Sectors

Energy
