ICSA-22-242-02
·
Published 2022-08-30
·
View on CISA ICS-CERT ↗
Hitachi Energy Gateway Station (GWS) Product
CVSS 8.1
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow unauthorized users to eavesdrop on the traffic between network source and destination, gain unauthorized access to information, or cause a denial-of service condition.
CVEs (1)
Remediations
- GWS 2.0.0.0 and earlier, GWS 2.1.0.0, GWS 2.2.0.0, GWS 2.3.0.0, GWS 2.4.0.0,GWS 3.0.0.0, GWS 3.1.0.0: Apply the mitigation factors as described in this advisory and in the mitigation section of Hitachi Energy advisory 8DBD000101.
- A remediated version of GWS 3.2.0.0 is planned. For updates or upgrades, contact Hitachi Energy.
- Physically protect process control systems from unauthorized direct access.
- Separate process control systems from other networks using a firewall system with only the necessary ports open.
- Process control systems should not be used for internet surfing, instant messaging, or receiving emails.
- Portable computers and removable storage media should be carefully scanned for viruses before connecting to a control system.
- For more information, see Hitachi security advisory 8DBD000101
Affected Vendors
Hitachi Energy
Affected Products (7)
Hitachi Energy
·
GWS
3.1.0.0
Hitachi Energy
·
GWS
<= 2.0.0.0
Hitachi Energy
·
GWS
2.2.0.0
Hitachi Energy
·
GWS
2.3.0.0
Hitachi Energy
·
GWS
2.1.0.0
Hitachi Energy
·
GWS
3.0.0.0
Hitachi Energy
·
GWS
2.4.0.0
Affected Sectors
Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more