Hitachi Energy AFF660/665 Series

Risk Summary

Successful exploitation of this vulnerability could overflow a buffer on the device and fully compromise it.

CVEs (1)

Remediations

• Hitachi Energy for AFF660 FW and AFF665 FW versions 03.0.02 and prior recommends users to implement the following security measures:
• Use the “IP Access Restriction” feature to restrict HTTP and HTTPS traffic to trusted IP addresses.
• Disable the HTTP and HTTPS server.
• Hitachi Energy recommends users follow the recommended security practices and firewall configurations to help protect from outside attacks. Recommended security practices include:
• Ensuring process control systems are physically protected from unauthorized direct access
• Ensuring process control systems have no direct connections to the Internet
• Using a firewall system to separate process control systems from separated from other networks. The firewall system should have only the necessary ports open.
• Hitachi Energy does not recommend process control systems be used for internet surfing, instant messaging, or receiving emails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
• For more information, see Hitachi Energy's security advisory 8DBD000122.

Affected Vendors

Affected Products (2)

Affected Sectors

Energy