Hitachi Energy TropOS Devices Series 1400/2400/6400

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.

CVEs (1)

Remediations

• Hitachi Energy has identified the following specific workarounds and mitigations users can apply to reduce risk:
• Update to Version 8.9.6 or later when available
• Hitachi Energy recommends users implement countermeasures for DoS with proper firewall rule sets and filters, as well as to apply mitigation as described in the Mitigation Factors/WorkaroundsSection.
• Hitachi Energy recommends users follow recommended security practices and firewall configurations, which can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
• For more information, see Hitachi Energy Cybersecurity Advisory "DoS Vulnerability in Hitachi Energy's TropOS core routers and edge nodes."

Affected Vendors

Affected Products (1)

Affected Sectors

Energy