ICSA-23-059-01  ·  Published 2023-03-06

Hitachi Energy Gateway Station

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could cause affected modules to stop working.

Remediations

  • Hitachi Energy has created an update to address the reported vulnerabilities and recommends that users update to at least GWS version 3.3.0.0.
  • For CVE-2020-25692, the vulnerability impacts GWS if the authentication service is installed. It is not installed by default but is required during the installation process of GWS or installed manually later. Authentication Service (previously ABB Authentication Service) is only needed when GWS users are authenticated using centralized SDM600 user account management.
  • Hitachi Energy recommends the following general mitigation factors and security practices:
      • Configure firewalls to protect process control networks from attacks originating from outside the network
      • Physically protect process control systems from direct access by unauthorized personnel
      • Avoid directly connecting control systems to the internet
      • Separate process control networks from other networks using a firewall system with a minimal number of ports exposed
      • Process control systems should not be used for internet surfing, instant messaging, or receiving emails
      • Portable computers and removable storage media should be carefully scanned for viruses before connecting to a control system
      • Enforce proper password policies and processes
  • For more information, see Hitachi security advisory 8DBD000118.

Affected Vendors

Hitachi Energy

Affected Products (8)

Hitachi Energy · Gateway Station (GWS) 2.0.0.0
Hitachi Energy · Gateway Station (GWS) 2.1.0.0
Hitachi Energy · Gateway Station (GWS) 2.2.0.0
Hitachi Energy · Gateway Station (GWS) 2.3.0.0
Hitachi Energy · Gateway Station (GWS) 2.4.0.0
Hitachi Energy · Gateway Station (GWS) 3.0.0.0
Hitachi Energy · Gateway Station (GWS) 3.1.0.0
Hitachi Energy · Gateway Station (GWS) <= 3.2.0.0

Affected Sectors

Energy
