OTPulse

Hitachi Energy MicroSCADA X DMS600

Action: Plan Patch
CVSS: 8.8
Source: ICS-CERT ICSA-22-298-04
Date: Oct 25, 2022
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Hitachi Energy DMS600 contains an authorization bypass vulnerability (CWE-1357) that allows an authenticated user with valid credentials to gain unauthorized access to information and modify system settings. The vulnerability requires user-level access and is not remotely exploitable by default since PostgreSQL is deployed locally only. Hitachi Energy recommends updating to version 4.6.

What this means
What could happen
An authenticated attacker with user-level access to DMS600 could read sensitive information (configuration, data, credentials) or modify system settings, potentially affecting power distribution operations and visibility.
Who's at risk
Energy utilities operating Hitachi Energy DMS600 distribution management systems should prioritize this patch. DMS600 is used for managing power distribution operations and configuration, so compromised access could affect grid visibility and control.
How it could be exploited
An attacker with valid user credentials can log into DMS600 and exploit an authorization bypass to access information or modify settings they should not be permitted to access. The attacker could be an insider with low-privilege access, or someone who has compromised a user account.
Prerequisites
  • Valid user credentials for DMS600 access
  • Network access to the DMS600 interface (typically local network or engineering workstation connection)
  • Knowledge of DMS600 system operation (medium complexity)
Tags: remotely exploitable · requires valid credentials · affects critical energy infrastructure · low public exploit availability
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
Product | Affected Versions | Fix Status
DMS600 | 4.5 | 4.6
Remediation & Mitigation
Do now
  • WORKAROUND: Restrict DMS600 network access to authorized engineering workstations and control system networks only, using firewall rules.

Schedule — requires maintenance window

Patching may require a device reboot; plan for process interruption.

  • HOTFIX: Update DMS600 to version 4.6 or later, as provided by Hitachi Energy.

Long-term hardening
  • HARDENING: Implement network segmentation to isolate DMS600 on a dedicated VLAN, separate from general IT networks and the Internet.
  • HARDENING: Enforce strong password policies and multi-factor authentication for DMS600 user accounts.
  • HARDENING: Disable or restrict unnecessary network services and protocols on DMS600.