ICSA-21-236-02
·
Published 2021-08-24
·
View on CISA ICS-CERT ↗
Hitachi ABB Power Grids Retail Operations and CSB Products
CVSS 7.7
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to access database credentials, shut down the product, and access or alter system data.
CVEs (1)
Remediations
- Hitachi ABB Power Grids recommends updating to Version 5.7.3 or later, which resolves this vulnerability. For more information on this advisory, see the Hitachi ABB Power Grids security advisory or contact Hitachi ABB Power Grids.
- Hitachi ABB Power Grids suggests recommended security practices, operating systems hardening, and firewall configurations can help protect a user's computer from the attacks. An entry point for this vulnerability is the unsecured operating system on which the product is installed. Hitachi ABB Power Grids recommends hardening the operating system accordingly.
- Follow the hardening guidelines published by The Center for Internet Security (CIS).
- Routinely monitor the application process log for unrecognized user sessions originating from outside the application.
- Retail Operations
- Counterparty Settlement Billing (CSB)
Affected Vendors
Hitachi Energy
Affected Products (2)
Hitachi Energy
·
Counterparty Settlement and Billing (CSB)
<= 5.7.2
Hitachi Energy
·
Retail Operations
<= 5.7.2
Affected Sectors
Critical Manufacturing, Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more