Hitachi Energy FOX61x

CVEs (1)

Remediations

• Enable the RADIUS Message-Authenticator option in both the FOX61x and RADIUS Server configurations. Refer to the Technical User Documentation at https://publisher.hitachienergy.com/preview?DocumentID=1KHW029042&LanguageCode=en&DocumentPartId=R18&Action=launch.
• Update to FOX61x R18, then enable the RADIUS Message-Authenticator option in both the FOX61x and RADIUS Server configurations. Refer to the Technical User Documentation at https://publisher.hitachienergy.com/preview?DocumentID=1KHW029042&LanguageCode=en&DocumentPartId=R18&Action=launch.
• If the upgrade is not possible, apply general mitigation factors with segmentation of FOX management traffic to minimize the risk.
• For more information, see the associated Hitachi Energy cybersecurity advisory 8DBD000225 Radius MD5 Vulnerability in Hitachi Energy FOX61x product at https://publisher.hitachienergy.com/preview?DocumentID=8DBD000225&LanguageCode=en or https://publisher.hitachienergy.com/preview?DocumentID=8DBD000225-CSAF&LanguageCode=en&DocumentPartId=&Action=Launch .
• Hitachi Energy recommends implementing security practices and firewall configurations to help protect process control networks from external attacks. Such practices include ensuring that process control systems are physically protected from unauthorized access, have no direct Internet connections, and are separated from other networks by a firewall system that minimizes exposed ports, and any additional ports should be evaluated on a case-by-case basis. Process control systems should not be used for web browsing, instant messaging, or email. Portable computers and removable storage media should be thoroughly scanned for malware before being connected to a control system. Organizations should enforce proper password policies and procedures.

Affected Vendors

Affected Products (2)

Affected Sectors

Critical Manufacturing