Hitachi Energy GMS600

Monitor | CVSS 5.9 | ICS-CERT ICSA-26-141-01 | Jun 27, 2023
Hitachi Energy | Energy
Attack path
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

Hitachi Energy GMS600 versions 1.3.0 through 1.3.1 contain a vulnerability in the bundled OpenSSL component (CVE-2022-4304). An attacker with network access can exploit a timing side-channel to recover the pre-master secret used in TLS connections. By sending trial messages and measuring response times, an attacker could decrypt previously captured encrypted traffic and access sensitive data. The vulnerability requires network access to the server and collection of encrypted traffic but allows decryption of past communications without authentication.

What this means
What could happen
An attacker could exploit a timing vulnerability in the OpenSSL component to recover encryption keys used by GMS600, allowing them to decrypt previously captured network traffic and access sensitive operational data transmitted over the connection.
Who's at risk
Energy sector operators running Hitachi Energy GMS600 versions 1.3.0 and 1.3.1, particularly those using GMS600 for grid management or control system communications where confidentiality of transmitted data is important.
How it could be exploited
An attacker with network access to GMS600 sends specially crafted trial messages to the server and measures response times. By analyzing timing differences across many messages, the attacker can derive the pre-master secret and decrypt past application data. This requires capturing the original encrypted traffic and performing offline cryptographic analysis.
Prerequisites
  • Network access to GMS600 server
  • Ability to send multiple probe messages to the server
  • Capture of encrypted traffic from the original connection
remotely exploitable | affects encrypted communications | timing-based side-channel attack
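
Because the attack described above depends on many trial messages from one source, one defensive check is to count TLS handshake attempts per source in a sliding window and flag outliers. This is an added example, not part of the advisory or any Hitachi Energy tooling; the log format, addresses, window and threshold are assumptions chosen for illustration, and each trial message is assumed to show up as a separate handshake attempt.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample():
    """Constructed sample log: '<ISO time> <source IP> <outcome>' (hypothetical format)."""
    base = datetime(2023, 6, 27, 12, 0, 0)
    # One source opening a handshake every second for five minutes.
    lines = [f"{(base + timedelta(seconds=i)).isoformat()} 10.0.0.66 handshake_failed"
             for i in range(300)]
    # An ordinary client connecting a few times.
    lines += [f"{(base + timedelta(minutes=m)).isoformat()} 10.0.0.5 handshake_ok"
              for m in (0, 2, 4)]
    return sorted(lines)  # ISO timestamps sort chronologically as strings


def flag_probe_sources(lines, window=timedelta(minutes=5), threshold=200):
    """Return {source: peak handshake count in any window} for sources at or over threshold.

    window and threshold are illustrative; baseline them against normal
    client behaviour on the monitored server before alerting on them.
    """
    recent = defaultdict(deque)   # source -> timestamps still inside the window
    peak = defaultdict(int)       # source -> highest in-window count seen
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue              # skip malformed lines rather than abort
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        q = recent[parts[1]]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts that aged out of the window
            q.popleft()
        peak[parts[1]] = max(peak[parts[1]], len(q))
    return {src: n for src, n in peak.items() if n >= threshold}


if __name__ == "__main__":
    for src, n in flag_probe_sources(build_sample()).items():
        print(f"{src}: {n} handshake attempts within 5 minutes")
```
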
Exploitability
Unlikely to be exploited — EPSS score 0.2%
Affected products (1)
Product | Affected Versions | Fix Status
GMS600 | ≥ 1.3.0, ≤ 1.3.1 | 1.3.2
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade GMS600 to version 1.3.2 or later