OTPulse

Hitachi Energy FACTS Control Platform (FCP) Product

Plan Patch · 8.1 · ICS-CERT ICSA-22-242-01 · Aug 30, 2022
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

Hitachi Energy FACTS Control Platform (FCP) versions 1.1.0–3.12.0 contain vulnerabilities that allow remote eavesdropping on network traffic between the control platform and connected systems, unauthorized access to information, and denial-of-service conditions. The vulnerabilities have low attack complexity and do not require authentication or user interaction. Exploitation could compromise the confidentiality, integrity, and availability of control system communications.

What this means
What could happen
An attacker could intercept communications between the FCP and connected field devices, potentially reading sensitive control data, injecting malicious commands, or disrupting the platform's operation. This could lead to unplanned shutdowns, loss of situational awareness, or unauthorized changes to power system parameters.
Who's at risk
Energy and transportation operators who rely on Hitachi Energy FACTS Control Platform (FCP) for SCADA, relay protection, or power system control should assess this risk. Affected installations include grid automation systems, substation control centers, and interconnected power management platforms running FCP versions 1.1.0 through 3.12.0.
How it could be exploited
An attacker on the network (or with network reachability to the FCP) could intercept or manipulate traffic between the FCP and its connected systems due to weak encryption or authentication mechanisms. By positioning themselves on the network path, the attacker could eavesdrop, modify messages, or trigger a denial-of-service condition without needing credentials or special system access.
Prerequisites
  • Network access to the FCP or the communication path between FCP and field devices
  • No authentication required
  • Low attack complexity—standard network interception techniques sufficient
remotely exploitable · no authentication required · low complexity · no patch available · affects power system communications and availability
Exploitability
Moderate exploit probability (EPSS 1.3%)
Affected products (3)
3 pending
Product               Affected Versions      Fix Status
FCP: 3.0.0 - 3.12.0   ≥ 3.0.0 | ≤ 3.12.0     No fix yet
FCP: 1.1.0 - 1.3.0    ≥ 1.1.0 | ≤ 1.3.0      No fix yet
FCP: 2.1.0 - 2.3.0    ≥ 2.1.0 | ≤ 2.3.0      No fix yet
Remediation & Mitigation
Do now
  • WORKAROUND: Implement network firewall rules to restrict access to FCP and control system traffic; limit inbound connections to the minimum ports and IP addresses required for operation
  • HARDENING: Physically isolate FCP and process control systems from general corporate networks and the internet using a DMZ or separate network segment
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Upgrade FCP to version 3.14.0 or later when released by Hitachi Energy; contact Hitachi Energy for availability and scheduling
  • HARDENING: Disable unnecessary services and network ports on FCP and connected devices
  • HARDENING: Monitor network traffic for unauthorized access attempts or anomalous communications to/from FCP
  • HARDENING: Restrict administrative access to FCP to authorized engineering workstations on segmented networks; implement strong authentication for all administrative functions
Long-term hardening
  • HARDENING: Scan portable media and external systems for malware before connecting to the control network