ICSA-21-343-01  ·  Published 2021-12-09

Hitachi Energy GMS600, PWC600, and Relion

CVSS 7.2 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker with user credentials to bypass security controls enforced by the product, which may lead to unauthorized modifications to data/firmware, and/or permanent disabling of the product.

CVEs (1)

Remediations

  • Relion 670 series Version 2.2.3: Update to Version 2.2.3.5
  • Relion 670/650/SAM600-IO series Version 2.2.5: Update to Version 2.2.5.2
  • Relion 650 series Version 1.3: Update to Version 1.3.0.8
  • Relion 650 series Version 1.2: Update to Version 1.3
  • For other affected versions, please follow mitigation factors in Hitachi Energy's advisories.
  • Hitachi Energy recommends the following security practices and firewall configurations to help protect process control networks from attacks that originate from outside the network:
  • Physically protect process control systems from direct access by unauthorized personnel.
  • Do not directly connect to the Internet.
  • Separate from other networks by means of a firewall system that has a minimal number of ports exposed.
  • Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
  • Limit open database connectivity (ODBC) protocol for device configuration within the substation only.
  • Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
  • For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, visit Hitachi Energy contact-centers.
  • Please see the Hitachi Energy PWC600, GMS600, and Relion advisories for additional mitigation and update information.

Affected Vendors

Hitachi Energy

Affected Products (21)

Hitachi Energy · PWC600 1.0.1.0
Hitachi Energy · Relion 650 series 1.2 *
Hitachi Energy · Relion 650 series 1.3 *
Hitachi Energy · GMS600 1.3.0
Hitachi Energy · Relion 670/650 series 2.2.0 *
Hitachi Energy · PWC600 1.0.1.1
Hitachi Energy · Relion 670/650/SAM600-IO series 2.2.1 *
Hitachi Energy · PWC600 1.0.1.3
Hitachi Energy · PWC600 1.1.0.1
Hitachi Energy · Relion 650 series 1.0 *
Hitachi Energy · Relion 670/650 series 2.1 *
Hitachi Energy · Relion 670 series 2.2.2 *
Hitachi Energy · Relion 670 series >= 2.2.3 | <= 2.2.3.4
Hitachi Energy · Relion 670/650 series 2.2.4 *
Hitachi Energy · Relion 670/650/SAM600-IO series 2.2.5 <= 2.2.5.1
Hitachi Energy · PWC600 1.0.1.4
Hitachi Energy · Relion 670 series 2.0 *
Hitachi Energy · GMS600 1.3.1.0
Hitachi Energy · GMS600 1.2.0
Hitachi Energy · PWC600 1.1.0.0
Hitachi Energy · Relion 650 series 1.1 *

Affected Sectors

Multiple Sectors
