Hitachi Energy MACH PS700
Monitor | 6.7 | ICS-CERT ICSA-25-063-03 | Mar 4, 2025
Attack Vector: Local
Auth Required: Low
Complexity: High
User Interaction: Required
Summary
Hitachi Energy MACH PS700 v2 System contains a privilege escalation vulnerability in Intel chipset software (CWE-427). An attacker with local system access and standard user credentials could exploit this vulnerability to escalate privileges and gain administrative control over the power system software. Hitachi Energy recommends implementing patch scripts to remove the vulnerable software component. The vulnerability is not remotely exploitable and requires high attack complexity to exploit.
What this means
What could happen
An attacker with local access to a MACH PS700 v2 System could escalate privileges and gain administrative control over the power system software, potentially allowing them to alter system configurations or operational parameters.
Who's at risk
Electric utilities and power generation facilities using Hitachi Energy MACH PS700 v2 Systems for power system management and control. This affects grid operators, power distribution control systems, and any organization relying on this software for energy management infrastructure.
How it could be exploited
An attacker must already have local access to the MACH PS700 v2 system with standard user credentials. They exploit a privilege escalation vulnerability in the Intel chipset software to elevate to administrator privileges and assume control over the system.
Prerequisites
- Local access to the MACH PS700 v2 system
- Standard user credentials (PR:L)
- Ability to interact with the system interface (UI:R)
- The specific vulnerable Intel chipset software must be present
- Local access required (not remotely exploitable)
- Requires user credentials and system interaction
- High attack complexity
- Privilege escalation impact
- Intel chipset dependency
- No vendor patch available
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
MACH PS700 v2 System | v2 | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Restrict physical and logical local access to MACH PS700 v2 systems to authorized personnel only
- HARDENING: Ensure MACH PS700 v2 systems are not directly connected to business networks and are isolated behind firewalls
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Contact Hitachi Energy account team to obtain and implement patch scripts to remove the vulnerable Intel chipset software
Mitigations - no patch available
MACH PS700 v2 System has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Disable unnecessary local access points and enforce multi-factor authentication for any remote access to the system
CVEs (1)