ICSA-23-234-01  ·  Published 2023-08-22

Hitachi Energy AFF66x

CVSS 9.6 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to compromise availability, integrity, and confidentiality of the targeted devices.

Remediations

Hitachi Energy recommends the following actions:

  • Update to the upcoming AFF660/665 FW 04.6.01 release when available.
  • Configure only trusted DNS server(s).
  • Configure the NTP service with redundant trustworthy sources of time.
  • Restrict TCP/IP-based management protocols to trusted IP addresses.
  • Disable the SNMP server (CLI and web interface will continue to function as they use an internal connection).

Hitachi Energy recommends the following general mitigations:

  • Recommended security practices and firewall configurations could help protect a process control network from attacks originating from outside the network.
  • Physically protect process control systems from direct access by unauthorized personnel.
  • Ensure process control systems have no direct connections to the internet and are separated from other networks via a firewall system with minimal exposed ports.
  • Do not use process control systems for internet surfing, instant messaging, or receiving emails.
  • Scan portable computers and removable storage media for malware prior to connection to a control system.

For more information, see Hitachi Energy's Security Advisory: 8DBD000167.

Affected Vendors

Hitachi Energy

Affected Products (1)

Hitachi Energy · AFF660/665 <= 03.0.02

Affected Sectors

Energy
