ICSA-22-270-02
·
Published 2022-09-27
·
View on CISA ICS-CERT ↗
Hitachi Energy APM Edge
CVSS 7.8
HIGH
CISA KEV — Known Exploited
Risk Summary
Successful exploitation of this vulnerability could allow users to escalate privileges from a user account to root.
CVEs (2)
Remediations
- When applicable, Hitachi Energy recommends users update to Lumada APM Edge v6.3 at the earliest convenience.
- Physically protect process control systems from unauthorized direct access.
- Ensure process control systems have no direct connections to the internet.
- Use firewall systems to separate process control systems from other networks.
- Ensure the firewall system only has necessary ports exposed.
- APM should only be used to access the internet for authorized information. Portable computers and removable storage media should be carefully scanned for viruses before connecting to a control system.
- For more information, see Hitachi Energy advisory 8DBD000115.
Affected Vendors
Hitachi Energy
Affected Products (4)
Hitachi Energy
·
Lumada APM Edge
3.0
Hitachi Energy
·
Lumada APM Edge
1.0
Hitachi Energy
·
Lumada APM Edge
4.0
Hitachi Energy
·
Lumada APM Edge
2.0
Affected Sectors
Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more