Hitachi Energy FACTS Control Platform (FCP) Product

Risk Summary

Successful exploitation of these vulnerabilities may allow an attacker to eavesdrop on the traffic between network source and destination, gain unauthorized access to information or cause a denial-of service.

CVEs (1)

Remediations

• For FCP 1.1.0 - 1.3.0, FCP 2.1.0 - 2.3.0, FCP 3.0.0 - 3.12.0: Users should apply mitigations listed in this advisory and in the mitigation section of Hitachi Energy advisory 8DBD000104.
• A remediated version FCP 3.14.0 and 4.0.0 is planned. For update or upgrades, users should contact Hitachi Energy.
• Physically protect process control systems from unauthorized direct access.
• Separate process control systems from other networks using firewall system that has a minimal number of ports open.
• Process control systems should not be used for internet surfing, instant messaging, or receiving emails.
• Portable computers and removable storage media should be carefully scanned for viruses connecting to a control system
• For more information, see Hitachi Energy advisory 8DBD000104.

Affected Vendors

Affected Products (3)

Affected Sectors

Energy