Choose your region and language

Go

Menu

List of Cybersecurity Advisories and Notifications

Year 2024

Published (Updated) Advisory Link CVE-ID                    
2022-11-15
(2024-05-28)
Cybersecurity Advisory - 
Cleartext Credentials Vulnerability on Hitachi Energy’s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products
CVE-2022-2513
2024-01-30
(2024-05-28)

Cybersecurity Advisory - Multiple vulnerabilities in Hitachi Energy's AFF660/665 series Products

CVE-2023-0464
CVE-2023-0215
CVE-2023-0216 
CVE-2023-0401
CVE-2022-40674 
CVE-2023-0286
CVE-2022-4450
CVE-2023-0217 
CVE-2022-43680
CVE-2022-4304

Published (Updated) Advisory Link CVE-ID                    
2024-04-30 Cybersecurity Advisory - Multiple Vulnerabilities in Tropos Mesh Routers CVE-2018-5379 
CVE-2018-5381
CVE-2016-2148
CVE-2016-2147
CVE-2019-11478
CVE-2015-5364
CVE-2019-11477
CVE-2021-41991
CVE-2018-10811
2024-04-30

Cybersecurity Advisory - Secure Update Bypass Vulnerability in Hitachi Energy’s RTU500 series Product

CVE-2024-2617
2024-04-30

Cybersecurity Advisory - Multiple Vulnerabilities in Hitachi Energy's SDM600 series Product

CVE-2024-2377
CVE-2024-2378
     

Published (Updated) Advisory Link CVE-ID                    
2024-01-30

Cybersecurity Advisory - Multiple vulnerabilities in Hitachi Energy's AFF660/665 series Products

CVE-2023-0464
CVE-2023-0215
CVE-2023-0216 
CVE-2023-0401
CVE-2022-40674 
CVE-2023-0286
CVE-2022-4450
CVE-2023-0217 
CVE-2022-43680 
2024-01-30

Cybersecurity Advisory - OpenSSL vulnerabilities in Hitachi Energy's MSM Product

CVE-2023-2650
CVE-2023-0215 
CVE-2023-0286 
2024-01-30 Cybersecurity Advisory - DoS vulnerability in Hitachi Energy's TropOS core routers and edge nodes
CVE-2013-5211

Year 2023

Published (Updated) Advisory Link CVE-ID                    
2023-12-19

Cybersecurity Advisory - Improper Certificate Validation in Hitachi Energy’s RTU500 series Product

CVE-2023-1514
2023-12-19

Cybersecurity Advisory - DoS Vulnerability in Hitachi Energy’s RTU500 series product

CVE-2023-6711
2021-11-14
(2023-12-19)

Cybersecurity Advisory - Apache ActiveMQ Vulnerability in Hitachi Energy’s Asset Suite product

CVE-2023-46604
2021-07-25
(2023-12-19)

Cybersecurity Advisory - Multiple vulnerabilities in Hitachi Energy’s AFF66x Products

CVE-2021-43523
CVE-2020-13817
CVE-2020-11868
CVE-2019-11477
CVE-2022-29503
CVE-2022-3204
CVE-2018-18066
2021-09-26
(2023-12-19)

Cybersecurity Advisory - Multiple vulnerabilities in Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x series Product

CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-25314
CVE-2022-25315
CVE-2022-25235
CVE-2022-25236
CVE-2022-23852
CVE-2022-23990

Published (Updated) Advisory Link CVE-ID                    
2023-11-28

Cybersecurity Advisory - Improper Input Validation Vulnerability in Hitachi Energy’s Relion® 670/650/SAM600-IO series Product

CVE-2023-4518
2023-11-28

Cybersecurity Advisory - Cyrus SASL Vulnerability in Hitachi Energy’s SDM600 series Product

CVE-2019-19906
2023-11-28

Cybersecurity Advisory - Multiple Vulnerabilities in Hitachi Energy’s RTU500 series Product 

CVE-2023-5767
CVE-2023-5768
CVE-2023-5769
2021-03-08
(2023-11-28)
Cybersecurity Advisory - Specially Crafted IEC 61850 Protocol Sequence Vulnerability in PWC600 CVE-2021-27196
2021-03-08
(2023-11-28)
Cybersecurity Advisory - Specially Crafted IEC 61850 Protocol Sequence Vulnerability in GMS600 CVE-2021-27196
2021-03-08
(2023-11-28)
Cybersecurity Advisory - Specially Crafted IEC 61850 Protocol Sequence Vulnerability in MSM CVE-2021-27196
2021-03-08
(2023-11-28)
Cybersecurity Advisory - Specially Crafted IEC 61850 Protocol Sequence Vulnerability in FOX615 (TEGO1) CVE-2021-27196
2021-08-31
(2023-11-28)
Cybersecurity Advisory - Storage of Sensitive Information Vulnerability in Hitachi Energy’s System Data Manager – SDM600 Product CVE-2021-35526
2020-10-12
(2023-11-28)
Cybersecurity Advisory - Libssh server-side vulnerability, impact on XMC20 Multiservice Multiplexer CVE-2018-10933
2020-11-05
(2023-11-28)
Cybersecurity Advisory - Libssh server-side vulnerability, impact on FOX615 Multiservice Multiplexer CVE-2018-10933
2023-11-14
(2023-11-24)

Cybersecurity Advisory - Apache ActiveMQ Vulnerability in Hitachi Energy’s SOI product

CVE-2023-46604
2023-11-16

Cybersecurity Advisory - Apache ActiveMQ Vulnerability in Hitachi Energy’s Network Manager DMS/OMS product

CVE-2023-46604
2023-11-14

Cybersecurity Advisory - Apache ActiveMQ Vulnerability in Hitachi Energy’s Ellipse product

CVE-2023-46604
2023-11-14

Cybersecurity Advisory - Apache ActiveMQ Vulnerability in Hitachi Energy’s Asset Suite product

CVE-2023-46604
2023-11-13 Cybersecurity Notification - Mandiant Blog Publication N/A

Published (Updated) Advisory Link CVE-ID                    

2023-10-31

Cybersecurity Advisory - .NET vulnerabilities in Hitachi Energy’s MACH System Software Product

CVE-2023-2621
CVE-2023-2622
2023-10-31

Cybersecurity Advisory - Multiple Vulnerabilities in Hitachi Energy’s eSOMS product

CVE-2023-5514
CVE-2023-5515
CVE-2023-5516
2022-11-15
(2023-10-31)
CVE-2022-3388
2021-03-15
(2023-10-31)
Cybersecurity Advisory - Specially Crafted IEC 61850 Protocol Sequence Vulnerability in Hitachi Energy’s RTU500 Series CVE-2021-27196
2021-03-15
(2023-10-31)
Cybersecurity Advisory – Specially Crafted IEC 61850 Protocol Sequence Vulnerability in REB500 Series CVE-2021-27196
2021-02-10
(2023-10-31)
Cybersecurity Advisory – eSOMS Report Function Vulnerability CVE-2021-26845
2021-03-01
(2023-10-31)
Cybersecurity Advisory – eSOMS Third-Party Vulnerabilities - Telerik CVE-2019-19790
CVE-2019-18935
CVE-2017-11357
CVE-2017-11317
CVE-2017-9248
CVE-2014-2217
CVE-2014-4958
2021-03-08
(2023-10-31)
Cybersecurity Advisory – AFS Series - HSR Denial-of-Service Vulnerability CVE-2020-9307
2018-02-03
(2023-10-31)
Cybersecurity Advisory – Improper Access Control Vulnerability in MicroSCADA Pro SYS600 9.x CVE-2018-1168
2021-03-06
(2023-10-31)
Cybersecurity Advisory – Vulnerabilities in Hitachi Energy’s Ellipse EAM CVE-2021-27414
CVE-2021-27416
2021-03-18
(2023-10-31)
Cybersecurity Advisory – Stored XSS vulnerability in Ellipse APM CVE-2021-27887
2021-07-14
(2023-10-31)
Cybersecurity Advisory – Password Autocomplete Vulnerability in Hitachi Energy’s eSOMS Application CVE-2021-35527
2021-08-05
(2023-10-31)
Cybersecurity Advisory – FragAttacks Vulnerabilities in Hitachi Energy’s TropOS Product CVE-2020-24586
CVE-2020-24587
CVE-2020-24588
CVE-2020-26139
CVE-2020-26140
CVE-2020-26141
CVE-2020-26142
CVE-2020-26143
CVE-2020-26144
CVE-2020-26145
CVE-2020-26146
CVE-2020-26147
2021-08-05
(2023-10-31)
Cybersecurity Advisory – Password in Memory Vulnerability in Counterparty Settlement and Billing (CSB) Product CVE-2021-35529
2021-08-05
(2023-10-31)
Cybersecurity Advisory – Password in Memory Vulnerability in Retail Operations Product CVE-2021-35529

Published (Updated) Advisory Link CVE-ID                    

2023-09-26

Cybersecurity Advisory - Multiple vulnerabilities in Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x series Products

CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-25314
CVE-2022-25315
CVE-2022-25235
CVE-2022-25236
CVE-2022-23852
CVE-2022-23990
2023-09-08

Cybersecurity Advisory - Tag Out Vulnerability in Hitachi Energy's Asset Suite 9 Product

CVE-2023-4816

Published (Updated) Advisory Link CVE-ID                    
2023-08-29 

Cybersecurity Advisory - OpenSSL Vulnerabilities in Hitachi Energy's Lumada APM Edge Product

CVE-2023-0286
CVE-2022-4304
CVE-2023-0215
CVE-2022-4450
2023-04-25
(2023-08-29)

Cybersecurity Advisory - Multiple Vulnerabilities in Hitachi Energy's RTU500 Series Product

CVE-2022-23937
CVE-2022-0778
CVE-2021-3711
CVE-2021-3712

Published (Updated) Advisory Link CVE-ID                    
2023-07-25

Cybersecurity Advisory -  Buffer Overflow Vulnerabilities in Hitachi Energy’s RTU500 series Product

CVE-2022-2502
CVE-2022-4608

2023-07-25

Cybersecurity Advisory - Multiple vulnerabilities in Hitachi Energy’s AFF66x Products

CVE-2021-43523
CVE-2020-13817
CVE-2020-11868
CVE-2019-11477
CVE-2022-29503
CVE-2022-3204
CVE-2018-18066

Published (Updated) Advisory Link CVE-ID
2023-05-30

Cybersecurity Advisory - Logging security vulnerability in FOXMAN-UN Product                  

CVE-2023-1711
2023-05-30

Cybersecurity Advisory - Logging security vulnerability in UNEM Product

CVE-2023-1711

Published (Updated) Advisory Link CVE-ID
2023-04-25

Cybersecurity Advisory - Multiple libexpat vulnerabilities in Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x series Products

CVE-2022-40674
CVE-2022-43680
2023-04-25

Cybersecurity Advisory - OpenSSL Vulnerabilities in Hitachi Energy’s RTU500 series Product

CVE-2023-0286
CVE-2022-4304
2023-04-25

Cybersecurity Advisory - Multiple Vulnerabilities in Hitachi Energy’s RTU500 Series Product

CVE-2022-23937
CVE-2022-0778
CVE-2021-3711
CVE-2021-3712
2023-04-25

Cybersecurity Advisory - Multiple Open-Source Software Related Vulnerabilities in Hitachi Energy’s MSM Product

CVE-2021-43298
CVE-2020-15688
CVE-2019-16645
CVE-2019-12822
CVE-2018-15504
CVE-2018-15505
CVE-2021-41615
CVE-2023-23916

Published (Updated) Advisory Link CVE-ID
2023-02-28

Update package validation Vulnerability in Hitachi Energy’s Relion® 670, 650 and SAM600-IO Series Productst

CVE-2022-3864
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s FOX61x TEGO1 Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s GMS600 Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s ITT600 SA Explorer Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s MicroSCADA X SYS600 Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s MSM Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s PWC600 Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s REB500 series Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s Relion® 670, 650 series and SAM600-IO Products

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s RTU500 series Product

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - IEC 61850 MMS-Server Vulnerability in Hitachi Energy’s TXpert™ Hub CoreTec™ 4 and 5 Products  

CVE-2022-3353
2023-02-14

Cybersecurity Advisory - Multiple Vulnerabilities in Hitachi Energy’s Gateway Station (GWS) Product

CVE-2022-29922
2023-02-14

Cybersecurity Advisory - Multiple Open-Source Software Vulnerabilities in Hitachi Energy’s Gateway Station (GWS) Product

CVE-2022-0778
CVE-2020-25692 

Year 2022

Published (Updated) Advisory Link CVE-ID
2022-10-13

PostgreSQL Related Vulnerabilities in Hitachi Energy MicroSCADA X DMS600 Product

CVE-2021-32027
CVE-2021-32028

Published (Updated) Advisory Link CVE-ID
2022-07-26

Linux Kernel Vulnerabilities in Hitachi Energy Lumada Asset Performance Management (APM) Edge Product
 

CVE-2021-4034
CVE-2022-0492
2022-07-26 Web Server Buffer Overflow Vulnerability in Hitachi Energy’s AFF660/665 series Product

CVE-2020-6994
2022-07-12 Cybersecurity Advisory - Cross Site Request Forgery (CSRF) and HTTP Response Splitting in Hitachi Energy’s MSM Product

CVE-2021-40335
CVE-2021-40336
2022-07-12 Cybersecurity Advisory - Multiple Open-Source Software Related Vulnerabilities in Hitachi Energy’s MSM Product CVE-2011-4273
CVE-2013-2174
CVE-2014-3707
CVE-2015-3148
CVE-2015-6584
CVE-2016-7103
CVE-2016-7167
CVE-2016-8617
CVE-2016-8618
CVE-2016-8619
CVE-2016-8621
CVE-2016-9586
CVE-2018-16842

Published (Updated) Advisory Link CVE-ID

2022-04-19

Cybersecurity Advisory - Specially Crafted Modbus TCP Packet Vulnerability in RTU500 series

CVE-2022-28613

2021-11-23
(2022-04-12)

Cybersecurity Advisory - Ports Vulnerabilities in Hitachi Energy XMC20 Product

CVE-2021-40333
CVE-2021-40334
2021-11-23
(2022-04-12)

Cybersecurity Advisory - Ports Vulnerabilities in Hitachi Energy FOX61x Product

CVE-2021-40333
CVE-2021-40334
2022-04-01
(2022-05-01)
Cybersecurity Notification - Spring4Shell Vulnerability
CVE-2022-22950
CVE-2022-22963
CVE-2022-22965

Published (Updated) Advisory Link CVE-ID
2022-03-08 Cybersecurity Advisory - Multiple Vulnerabilities Related to Open-Source Software in Hitachi Energy RelCare Product
CVE-2020-1967
CVE-2021-3156
CVE-2021-3449
CVE-2021-3450
CVE-2021-27432
CVE-2021-27434
CVE-2021-28041
2021-01-13
(2022-03-31)
Cybersecurity Advisory - Multiple Vulnerabilities Related to Open-Source Software in Hitachi Energy e-mesh™ Energy Management System (EMS) Product  CVE-2020-8174
CVE-2020-8265
CVE-2020-11080
CVE-2021-22883
2021-12-17
(2022-03-31)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy's Lumada Asset Performance Management (APM) Product CVE-2021-44228

Published (Updated) Advisory Link CVE-ID
2021-08-19
(2022-01-27)

Cybersecurity Advisory - BadAlloc – Memory Allocation Vulnerabilities in Hitachi Energy Modular Switchgear Monitoring System (MSM) Product 

 

CVE-2020-28895
CVE-2020-35198
2021-12-17
(2022-01-26)
Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s Network Manager SCADA/EMS, Ranger and NMR Products 
 
CVE-2021-44228
CVE-2021-45046
2022-01-20 Cybersecurity Advisory - Multiple Open-Source Software Related Vulnerabilities in Hitachi Energy MicroSCADA Pro/X SYS600 Products CVE-2020-1968
CVE-2020-8265
CVE-2020-8201
CVE-2020-8252
CVE-2020-8287
CVE-2020-8172
CVE-2020-8174
CVE-2021-32027
CVE-2021-32028
2022-01-13 Cybersecurity Advisory - Multiple Vulnerabilities Related to Open-Source Software in Hitachi Energy e-mesh Energy Management System (EMS) Product  CVE-2020-8174
CVE-2020-8265
CVE-2020-11080
CVE-2021-22883
2021-12-22
(2022-01-05)
Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s e-Mesh Monitor Product
CVE-2021-44228
CVE-2021-45046
2021-12-17
(2022-01-12)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy's Lumada Asset Performance Management (APM) Product CVE-2021-44228
2021-12-15
(2022-01-05)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy FOXMAN-UN Product CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
2021-12-15
(2022-01-05)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy UNEM Product CVE-2021-44228
CVE-2021-45046
CVE-2021-45105

Year 2021

Published (Updated) Advisory Link CVE-ID
2021-12-15
(2022-01-05)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy UNEM Product CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
2021-12-15
(2022-01-05)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy FOXMAN-UN Product CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
2021-12-16 Cybersecurity Advisory - BadAlloc – Memory Allocation Vulnerabilities in Hitachi Energy PWC600 series Product CVE-2020-28895
CVE-2020-35198
2021-12-16 Cybersecurity Advisory - BadAlloc – Memory Allocation Vulnerabilities in Hitachi Energy GMS600 series Product CVE-2020-28895
CVE-2020-35198
2021-12-16 Cybersecurity Advisory - BadAlloc – Memory Allocation Vulnerabilities in Hitachi Energy REB500 series Product CVE-2020-28895
CVE-2020-35198
2021-12-16 Cybersecurity Advisory - BadAlloc – Memory Allocation Vulnerabilities in Hitachi Energy Relion® 670, 650 series and SAM600-IO Product CVE-2020-28895
CVE-2020-35198
2021-12-16
(2021-12-21)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy's Lumada Enterprise Asset Manager & Field Service Manager (EAM-FSM) Products CVE-2021-44228
CVE-2021-45046
2021-12-16
(2021-12-23)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy Counterparty Settlement and Billing (CSB)  Product CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
2021-12-16
(2021-12-22)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy Network Manager Advanced Distributed Management System (NM-ADMS) Product CVE-2021-44228
CVE-2021-45046
2021-12-16
(2021-12-21)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy MMS Internal Facing Subcomponent CVE-2021-44228
CVE-2021-45046
2021-12-17
(2022-01-12)
Cybersecurity Advisory - Apache Log4j Vulnerability in Hitachi Energy's Lumada Asset Performance Management (APM) Product CVE-2021-44228
2021-12-17
(2021-12-21)
Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s nMarket Global I-SEM CVE-2019-17571
CVE-2021-4104
CVE-2021-44228
CVE-2021-45046
CVE-2021-45105
2021-12-17
(2022-01-26)
Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s Network Manager SCADA/EMS, Ranger and NMR Products  CVE-2021-44228
CVE-2021-45046
2021-12-17
(2021-12-21)
Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s Axis Product CVE-2021-44228
CVE-2021-45046
2021-12-21 Cybersecurity Advisory – Multiple Open-Source Software Related Vulnerabilities in Hitachi Energy System Data Manager (SDM600) Product CVE-2020-1968
CVE-2020-12243
CVE-2020-25709
CVE-2020-25710
CVE-2020-36229
CVE-2020-36230
CVE-2021-23840
2021-12-21 Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s RelCare Product CVE-2021-44228
CVE-2021-45046
2021-12-22
(2021-12-23)
Cybersecurity Advisory – OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product CVE-2021-40337
CVE-2021-40338
CVE-2021-40339
CVE-2021-40340
2021-12-22
(2022-01-05)
Cybersecurity Advisory – Apache Log4j Vulnerability in Hitachi Energy’s e-Mesh Monitor Product CVE-2021-44228
CVE-2021-45046
2021-12-23 Cybersecurity Advisory – Apache Log4j v1.x Vulnerabilities in Hitachi nMarket Global Product CVE-2021-44228
CVE-2021-45046
2021-12-23 Cybersecurity Advisory – Apache Log4j v1.x Vulnerabilities in Hitachi nMarket Product CVE-2019-17571
CVE-2021-4104
2021-12-13
(2021-12-29)
Cybersecurity Notification - Apache Log4j Vulnerability CVE-2019-17571
CVE-2021-4104
CVE-2021-44228
CVE-2021-45046
CVE-2021-45105

Published (Updated) Advisory Link CVE-ID
2021-11-02
(2021-12-02)
Cybersecurity Advisory - Multiple Open-Source Software Related Vulnerabilities in Hitachi Energy Transformer Asset Performance Management (APM) Edge  CVE-2017-8872; CVE-2019-1547;
CVE-2019-1549; CVE-2019-1563; 
CVE-2019-20388; CVE-2020-1971;
CVE-2020-10713; CVE-2020-14308;
CVE-2020-14309; CVE-2020-14310;
CVE-2020-14311; CVE-2020-15705;
CVE-2020-15706; CVE-2020-15707;
CVE-2020-14372; CVE-2020-24977;
CVE-2020-25632; CVE-2020-27749;
CVE-2020-27779; CVE-2021-3449;
CVE-2021-3516; CVE-2021-3517; 
CVE-2021-3518; CVE-2021-3537; 
CVE-2021-3541; CVE-2021-20225; 
CVE-2021-20233; CVE-2021-23840; 
CVE-2021-23841;
2021-11-04
(2021-02-07)

Cybersecurity Advisory - Insufficient Security Control Vulnerability in Hitachi Energy Relion® 670/650/SAM600-IO series Products

CVE-2021-35534
2021-11-04 Cybersecurity Advisory - Insufficient Security Control Vulnerability in Hitachi Energy GMS600 Product CVE-2021-35534
2021-11-04 Cybersecurity Advisory - Insufficient Security Control Vulnerability in Hitachi Energy PWC600 Product CVE-2021-35534
2021-11-04
(2021-12-07)

Cybersecurity Advisory - Insecure Boot Image Vulnerability in Hitachi Energy Relion® 670/650/SAM600-IO series Products

CVE-2021-35535
2021-11-04 Cybersecurity Advisory - Authentication Bypass Vulnerability in Hitachi Energy Counterparty Settlement and Billing (CSB) Product  CVE-2021-35528
2021-11-04 Cybersecurity Advisory - Authentication Bypass Vulnerability in Hitachi Energy Retail Operations Product CVE-2021-35528
2021-11-16
(2021-12-02)

Cybersecurity Advisory - OpenLDAP Related Vulnerabilities in Hitachi Energy RTU500 series

CVE-2020-36229
CVE-2020-36230 
2021-11-16
(2021-12-02)

Cybersecurity Advisory - OpenSSL and Libxml2 Related Vulnerabilities in Hitachi Energy RTU500 series

CVE-2020-1968
CVE-2020-24977
CVE-2021-3517
2021-11-16

Cybersecurity Advisory - Specially Crafted IEC 60870-5-104 Packet Vulnerability in RTU500 Series

CVE-2021-35533
2021-11-23

Cybersecurity Advisory - Ports Vulnerabilities in Hitachi Energy XMC20 Product

CVE-2021-40333
CVE-2021-40334
2021-11-23

Cybersecurity Advisory - Ports Vulnerabilities in Hitachi Energy FOX61x Product

CVE-2021-40333
CVE-2021-40334

Published (Updated) Advisory Link CVE-ID
2021-07-14
(2021-07-29)
Cybersecurity Advisory - Password Autocomplete Vulnerability in Hitachi Energy eSOMS Application CCVE-2021-35527

Published (Updated) Advisory Link CVE-ID
2021-03-15
(2021-04-12)
Cybersecurity Advisory - Specially Crafted IEC 61850 Protocol Sequence Vulnerability in Relion® 670, 650 and SAM600-IO CVE-2021-27196

Year 2020

Published (Updated) Advisory Link CVE-ID
2020-11-05
Cybersecurity Advisory - LibSSH server-side vulnerability, impact on FOX615 Multiservice-Multiplexer CVE-2018-10933

Published (Updated) Advisory Link CVE-ID
2020-10-12
Cybersecurity Advisory - LibSSH server-side vulnerability, impact on XMC20 Multiservice-Multiplexer
CVE-2018-10933

Published (Updated) Advisory Link CVE-ID
2020-08-07
Cybersecurity Advisory - Wind River VxWorks IPNet, Vulnerabilities, impact on Modular Switchgear Monitoring (MSM)
CVE-2019-12256
CVE-2019-12258
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263

Published (Updated) Advisory Link CVE-ID
2020-05-25
Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on RTU500 series CVE-2019-12256
CVE-2019-12258
CVE-2019-12259
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
CVE-2019-12265
2020-05-25 Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on REB500 CVE-2019-12256
CVE-2019-12258
CVE-2019-12259
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
CVE-2019-12265
2020-05-26 Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on ETL600 Power Line Carrier System CVE-2019-12255
CVE-2019-12258
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
2020-05-25
(2020-05-26)
Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on NSD570 Teleprotection Equipment CVE-2019-12256
CVE-2019-12258
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
2020-05-25 Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on AFS66x CVE-2019-12255
CVE-2019-12256
CVE-2019-12257
CVE-2019-12258
CVE-2019-12259
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
CVE-2019-12264
CVE-2019-12265
2020-05-25
(2021-05-19)
Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on Relion 670, Relion 650, SAM600-IO Series CVE-2019-12256
CVE-2019-12258
CVE-2019-12259
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
CVE-2019-12265
2020-05-25 Cybersecurity Advisory - WindRiver VxWorks IPNet Vulnerabilities, impact on FOX615 Multiservice-Multiplexer CVE-2019-12256
CVE-2019-12258
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263

Published (Updated) Advisory Link CVE-ID
2020-02-12 Vulnerabilities in ABB eSOMS CVE-2019-19000
CVE-2019-19001
CVE-2019-19002
CVE-2019-19003
CVE-2019-19089
CVE-2019-19090
CVE-2019-19091
CVE-2019-19092
CVE-2019-19093
CVE-2019-19094
CVE-2019-19095
CVE-2019-19096
CVE-2019-19097
2020-02-12 Vulnerability in ABB Asset Suite - Direct Object Reference CVE-2019-18998

Year 2019

Published (Updated) Description CVE-ID
2019-10-22 Vulnerabilities in Relion® 650 series version 2.1 and Relion® 670 series version 2.1 - OpenSSL CVE-2016-2109
CVE-2016-2177
CVE-2016-2178
CVE-2016-2182
CVE-2016-2183
CVE-2016-6304
CVE-2016-6306
2019-10-22 Vulnerability in Relion® 670 series - MMS Path Traversal CVE-2019-18253
2019-10-22 Vulnerability in Relion®  650 series and Relion®  670 series -Terminal Reboot CVE-2019-18247
2019-10-22 Vulnerabilities in Relion® 670 series and Relion® 650 series - OpenSSL CVE-2017-3737
CVE-2018-0739
CVE-2018-0737
CVE-2018-0732

Published (Updated) Advisory Link CVE-ID
2019-07-29 Cybersecurity Notification - WindRiver VxWorks IPNet Vulnerabilities, impact on ABB Power Grids - Grid Automation Products CVE-2019-12255
CVE-2019-12256
CVE-2019-12257
CVE-2019-12258
CVE-2019-12259
CVE-2019-12260
CVE-2019-12261
CVE-2019-12262
CVE-2019-12263
CVE-2019-12264
CVE-2019-12265
2019-07-30 Cybersecurity Notification - WindRiver VxWorks IPNet Vulnerabilities, impact on High Voltage Products CVE-2019-12256 
CVE-2019-12257
CVE-2019-12255 
CVE-2019-12260
CVE-2019-12261
CVE-2019-12263
CVE-2019-12258
CVE-2019-12259
CVE-2019-12262 
CVE-2019-12264 
CVE-2019-12265

Archives

Published (Updated) Advisory Link CVE-ID
2018-01-06 (2018-08-23) Cybersecurity Notification - Meltdown & Spectre CVE-2017-5754
CVE2017-5753
CVE-2017-5715
2018-01-15 Vulnerability in FOX515T v1.0 - Local File Inclusion CVE-2017-15583
2018-02-06 (2020-12-17) Vulnerability in MicroSCADA Pro SYS600 9.x - Improper Access Control CVE-2018-1168
2018-02-16 Vulnerability in ADMS netCADOPS - Bounds Checking Vulnerability CVE-2018-5477
2018-02-13 CCLAS Input Validation Vulnerabilities  
2018-04-10 Vulnerability in Relion® 630 series version 1.3 and earlier - Terminal Reboot CVE-2017-11498
CVE-2017-11497
CVE-2017-11496
2018-04-10 Vulnerabilities in PCM600 and SAB600 - Hasplms Service CVE-2017-11498,
CVE-2017-11497,
CVE-2017-11496
2018-04-17 Vulnerability in Relion® 630 series version 1.3 and earlier - Weak Database Encryption  
2018-04-17 Vulnerability in Relion® 630 series version 1.3 and earlier - MMS Path Traversal  
2018-06-28 Vulnerabilities in Sentinel HASP/LDK License Manager used in MicroSCADA Pro SYS600 9.2, 9.3, 9.4 CVE-2017-11498
CVE-2017-11497
CVE-2017-11496
CVE-2017-12818
CVE-2017-12819
CVE-2017-12820
CVE-2017-12821
CVE-2017-12822
2018-08-10 Vulnerability in eSOMS LDAP Integration CVE-2018-14805

Published (Updated) Advisory Link CVE-ID
2017-05-15 Cybersecurity Notification - WannaCry Ransomware   
2017-06-13 (2017-06-19) Cybersecurity Notification - MicroSCADA Pro SYS600 and CRASHOVERRIDE  
2017-06-16 (2017-06-30) Cybersecurity Notification - CrashOverride/Industroyer Malware  
2017-07-06 Cybersecurity Notification - NotPetya Ransomware  
2017-10-17 (2018-01-04) Vulnerability in ABB TropOS Wireless Mesh Products - WPA2 Key Reinstallation CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088
2017-11-27 Vulnerability in Ellipse8 - Ellipse Authentication to LDAP/AD CVE-2017-16731

Published (Updated) Advisory Link CVE-ID
2016-05-09 PCM 600 Vulnerabilities CVE-2016-4511,
CVE-2016-4516,
CVE-2016-4524,
CVE-2016-4527
2016-08-30 TCP Predictability Vulnerability in RTU500 series CVE-2001-0328
CVE-2015-3963
2016-10-24 TCP Predictability Vulnerability in Relion 650 series CVE-2001-0328
CVE-2015-3963
2016-10-24 TCP Predictability Vulnerability in Relion 670 series version 2.0 CVE-2001-0328
CVE-2015-3963

Published (Updated) Advisory Link CVE-ID
2015-01-28 POODLE Vulnerability in SDM600 Ver. 1.1 CVE-2014-3566
2015-02-03 POODLE Vulnerability in COM600 CVE-2014-8730
2015-02-03 POODLE Vulnerability in Relion 615 series V5.0 CVE-2014-8730
2015-02-03 POODLE Vulnerability in Relion 650 series Ver. 1.3.0 CVE-2014-3566
2015-05-11 POODLE Vulnerability in Protection and Control IED Manager PCM600 CVE-2014-8730
2015-05-20 POODLE Vulnerability in MicroSCADA Pro SYS600 CVE-2014-3566
2015-09-22 POODLE Vulnerability in RTU500 Series CVE-2014-3566
2015-11-20 POODLE Vulnerability in FOX660 series CVE-2014-3566
2015-11-20 POODLE Vulnerability in ESP630 series CVE-2014-3566
2015-11-20 POODLE Vulnerability in ETL600 series CVE-2014-3566
2015-11-20 POODLE Vulnerability in AFx series CVE-2014-3566

Published (Updated) Advisory Link CVE-ID
2014-07-03  OpenSSL Heartbleed Vulnerability in Relion CVE-2014-0160

Published (Updated) Advisory Link CVE-ID
2013-04-05 Remote Code Execution Vulnerabilities in MicroSCADA  
Cybersecurity solutions

Our PGP key to verify the document signature