Hitachi Energy MicroSCADA X DMS600

Risk Summary

Successful exploitation of this vulnerabilities could allow an attacker to gain unauthorized access to information.

CVEs (2)

Remediations

• Hitachi Energy DMS600: Update to v4.6.
• Note: In DMS600, PostgreSQL is deployed and accessible only from the local host. Remote connections are not allowed by default.
• Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed; and others that must be evaluated case-by-case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
• For more information, see Hitachi Energy advisory 8DBD000102.

Affected Vendors

Affected Products (1)

Affected Sectors

Energy