ICSA-21-336-04 · Published 2021-12-02
Hitachi Energy RTU500 series BCI
CVSS 7.5 (HIGH)
Risk Summary
Successful exploitation of this vulnerability could allow a remote attacker to reboot the device.
CVEs (1)
Remediations
- Disable BCI IEC 60870-5-104 function by configuration if it is not used. Note: By default, the BCI IEC 60870-5-104 is disabled.
- Update to RTU500 series CMU Firmware Version 12.6.5.0 or later (e.g., RTU500 CMU Firmware Version 12.7.* or CMU Firmware Version 13.2.* or later).
- Please see Hitachi Energy advisory 8DBD000063 for additional mitigation and update information.
- Physically protect process control systems from direct access by unauthorized personnel.
- Do not directly connect process control systems to the Internet.
- Separate process control systems from other networks by means of a firewall system with a minimal number of ports exposed.
- Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Affected Vendors
Hitachi Energy
Affected Products (3)
- Hitachi Energy · RTU500 series CMU Firmware Version 12.4 (vers:all/*)
- Hitachi Energy · RTU500 series CMU Firmware Version 12.0 (vers:all/*)
- Hitachi Energy · RTU500 series CMU Firmware Version 12.2 (vers:all/*)
Affected Sectors
Energy