ICSA-21-334-05
·
Published 2021-11-30
·
View on CISA ICS-CERT ↗
Hitachi Energy Retail Operations and CSB Software
CVSS 7.2
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow unauthorized access to data and modification of data inside the affected product.
CVEs (1)
Remediations
- Retail Operations v5.7.3 and prior: Upgrade to v5.7.3.1
- Counterparty Settlement and Billing (CSB) v5.7.3: Upgrade to v5.7.3.1
- Harden the operating system.
- Routinely monitor the application process log for unrecognized user sessions originating outside of the Retail Operations application.
- Please see the Hitachi Energy Retail Operations and CSB advisories for additional mitigation and update information.
- For additional information and support, users should contact the product provider or Hitachi Energy service organization.
- Do not click web links or open unsolicited attachments in email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Affected Vendors
Hitachi Energy
Affected Products (2)
Hitachi Energy
·
Counterparty Settlement and Billing (CSB)
<= 5.7.3
Hitachi Energy
·
Retail Operations
<= 5.7.3
Affected Sectors
Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more