← Back to home
ICSA-26-141-01  ·  Published 2026-05-21  ·  View on CISA ICS-CERT ↗

Hitachi Energy GMS600

CVSS 5.9 MEDIUM

Risk Summary

Hitachi Energy is aware of the vulnerability, CVE-2022-4304 in the OSS component OpenSSL, that affects the GMS600 versions that are listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection. For immediate mitigation /workaround information, please refer to the General Mitigation Factors/Workarounds

CVEs (1)

Remediations

  • Upgrade to version 1.3.2

Affected Vendors

Hitachi Energy

Affected Products (1)

Hitachi Energy · GMS600 vers:GMS600/>=1.3.0|<=1.3.1

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more