Hitachi Energy MSM Product

Risk Summary

Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition.

CVEs (1)

Remediations

• Physically protect process control systems from unauthorized direct access.
• Separate process control systems from other networks using a firewall system with only the necessary ports open.
• Process control systems should not be used for common internet activities.
• Portable computers and removable storage media should be carefully scanned for malicious software before connecting to a control system.
• Hitachi Energy also recommends following the hardening guidelines published by The Center for Internet Security (CIS) to protect hosts connected with MSM. This measure will prevent the lateral movement of the attack vector into MSM via such connected devices.
• Securing Microsoft Windows Desktop
• Securing Microsoft Windows Server
• For more information, see Hitachi Energy advisory 8DBD000086

Affected Vendors

Affected Products (1)

Affected Sectors

Energy