Risk Summary
Successful exploitation of these vulnerabilities could allow an unauthorized user to obtain sensitive information and gain access to the network elements managed by the UNEM, and could cause availability issues on affected UNEM products.
Remediations
- Hitachi Energy remediated these vulnerabilities in UNEM R16A and recommends users upgrade to this version.
- For CVE-2021-40341 and CVE-2021-40342, UNEM R16A has partial remediation. The full remediation will be complete in an upcoming UNEM release.
- Secure the NMS CLIENT/SERVER communication.
- Avoid embedded FOXCST with RADIUS authentication.
- Securely handle exported files.
- Physically protect process control systems from unauthorized direct access.
- Do not directly connect control systems networks to the internet.
- Separate process control systems from other networks using a firewall system with a minimal number of open ports.
- Process control systems should not be used for internet surfing, instant messaging, or receiving emails.
- Portable computers and removable storage media should be carefully scanned for viruses before connecting to a control system.
- Ensure that only authorized personnel have access to the system configuration files.
- For more information, see Hitachi Energy advisory 8DBD000084.
- Additional hardening guidelines for protecting the host operating system are published by “The Center for Internet Security (CIS).”
Affected Vendors
Hitachi Energy
Affected Products (9)
- Hitachi Energy · UNEM R16A
- Hitachi Energy · UNEM R15B
- Hitachi Energy · UNEM R15A
- Hitachi Energy · UNEM R14B
- Hitachi Energy · UNEM R14A
- Hitachi Energy · UNEM R11B
- Hitachi Energy · UNEM R11A
- Hitachi Energy · UNEM R10C
- Hitachi Energy · UNEM R9C
Affected Sectors
Energy