Hitachi Energy FOXMAN-UN

Risk Summary

Successful exploitation of these vulnerabilities could allow an unauthorized user to obtain sensitive information and gain access to the network elements managed by the FOXMAN-UN, and could cause an availability issue on affected FOXMAN-UN products.

CVEs (5)

Remediations

• Hitachi Energy has remediated these vulnerabilities in FOXMAN-UN R16A and recommends users upgrade to this version.
• For CVE-2021-40341, CVE-2021-40342, FOXMAN-UN R16A has partial remediation. The full remediation will be complete in an upcoming FOXMAN-UN release.
• Secure the NMS CLIENT/SERVER communication.
• Avoid embedded FOXCST with RADIUS authentication.
• Securely handle exported files.
• Physically protect process control systems from unauthorized direct access.
• Do not directly connect control systems networks to the internet.
• Separate process control systems from other networks using a firewall system with a minimal number of open ports.
• Process control systems should not be used for internet surfing, instant messaging, or receiving emails.
• Portable computers and removable storage media should be carefully scanned for viruses connecting to a control system.
• Ensure that only authorized personnel have access to the system configuration files.
• For more information, see Hitachi Energy advisory 8DBD000083.
• Additional hardening guidelines for protecting the host operating system are published by “The Center for Internet Security (CIS).”

Affected Vendors

Affected Products (9)

Affected Sectors

Energy