ICSA-25-350-03 · Published 2025-12-16
Hitachi Energy AFS, AFR and AFF Series
CVSS 9.0 (CRITICAL)
Risk Summary
Successful exploitation of this vulnerability could compromise the integrity of the product data and disrupt its availability.
CVEs (1)
Remediations
Hitachi Energy has identified the following recommended immediate actions:
- All affected products: Set the RADIUS configuration to default, which enables the RADIUS server message authenticator option.
- AFR 677, AFS 650, AFS 655, AFS 670, AFS 675, AFS 677: Command to enable the Message Authenticator option for AFS65x, AFS67x, AFR67x:
  - CLI: radius server msgauth
  - MIB: hmAgentRadiusServerMsgAuth
- AFF 660, AFF 665, AFS 660-B/C/S, AFS 665-B/S, AFS 670: Command to enable the Message Authenticator option for AFS66x, AFS670 v2.0, AFF66x:
  - CLI: radius server auth modify msgauth
  - MIB: hm2AgentRadiusServerMsgAuth
- For more information, see the associated Hitachi Energy PSIRT security advisory 8DBD000230, "RADIUS vulnerability in Hitachi Energy AFS, AFR and AFF series products".
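One way to confirm after the change that RADIUS packets captured between a device and its server carry a valid Message-Authenticator attribute, shown as an added example (not code from Hitachi Energy or CISA). It assumes the standard attribute format from RFC 2869 / RFC 3579 (type 80, HMAC-MD5 keyed with the shared secret); the function names, shared secret and sample packet are constructed for illustration.

```python
import hashlib
import hmac
import struct

MSG_AUTH = 80  # Message-Authenticator attribute type (RFC 2869 / RFC 3579)

def check_message_authenticator(packet, secret, request_auth=None):
    """Return 'missing', 'valid' or 'invalid' for one raw RADIUS packet."""
    if len(packet) < 20:
        raise ValueError("shorter than a RADIUS header")
    length = struct.unpack("!H", packet[2:4])[0]
    if length < 20 or length > len(packet):
        raise ValueError("bad RADIUS length field")
    buf = bytearray(packet[:length])
    if request_auth is not None:
        # Replies are MACed over the matching request's 16-byte authenticator.
        if len(request_auth) != 16:
            raise ValueError("request authenticator must be 16 bytes")
        buf[4:20] = request_auth
    pos, found = 20, None
    while pos < length:
        if pos + 2 > length or buf[pos + 1] < 2 or pos + buf[pos + 1] > length:
            raise ValueError("malformed attribute")
        atype, alen = buf[pos], buf[pos + 1]
        if atype == MSG_AUTH:
            if alen != 18:
                raise ValueError("Message-Authenticator must be 18 bytes")
            found = bytes(buf[pos + 2:pos + 18])
            buf[pos + 2:pos + 18] = bytes(16)  # field is zeroed for the HMAC
        pos += alen
    if found is None:
        return "missing"
    expected = hmac.new(secret, bytes(buf), hashlib.md5).digest()
    return "valid" if hmac.compare_digest(found, expected) else "invalid"

def build_sample_request(secret, with_msg_auth):
    """Constructed Access-Request for the demo; not captured traffic."""
    attrs = bytes([1, 7]) + b"admin"  # User-Name (constructed value)
    if with_msg_auth:
        attrs += bytes([MSG_AUTH, 18]) + bytes(16)
    pkt = bytearray(struct.pack("!BBH", 1, 42, 20 + len(attrs)) + bytes(range(16)) + attrs)
    if with_msg_auth:
        pkt[-16:] = hmac.new(secret, bytes(pkt), hashlib.md5).digest()
    return bytes(pkt)

if __name__ == "__main__":
    secret = b"constructed-shared-secret"
    for flag in (True, False):
        print(flag, check_message_authenticator(build_sample_request(secret, flag), secret))
```

A result of "missing" on packets captured after the configuration change indicates the option is not in effect on that path.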
Affected Vendors
Hitachi Energy
Affected Products (11)
- Hitachi Energy · AFS 660-B/C/S · vers:all/*
- Hitachi Energy · AFS 665-B/S · vers:all/*
- Hitachi Energy · AFS 670 v2.0 · vers:all/*
- Hitachi Energy · AFS 650 · vers:all/*
- Hitachi Energy · AFS 655 · vers:all/*
- Hitachi Energy · AFS 670 · vers:all/*
- Hitachi Energy · AFS 675 · vers:all/*
- Hitachi Energy · AFS 677 · vers:all/*
- Hitachi Energy · AFR 677 · vers:all/*
- Hitachi Energy · AFF 660 · vers:all/*
- Hitachi Energy · AFF 665 · vers:all/*
Affected Sectors
Energy