csaf_cisa - icsa-22-333-02

icsa-22-333-02

Vulnerability from csaf_cisa

Published

2022-11-29 07:00

Modified

2024-07-23 06:00

Summary

Hitachi Energy IED Connectivity Packages and PCM600 Products (Update A)

Notes

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could allow an attacker to obtain sensitive credentials and gain access to the affected products, perform unauthorized modifications, or provoke a denial-of-service condition.

Critical infrastructure sectors

Energy

Countries/areas deployed

Worldwide

Company headquarters location

Switzerland

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Recommended Practices

No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Hitachi Energy",
        "summary": "reporting this vulnerability to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could allow an attacker to obtain sensitive credentials and gain access to the affected products, perform unauthorized modifications, or provoke a denial-of-service condition. ",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Energy",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Switzerland",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-333-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-333-02.json"
      },
      {
        "category": "self",
        "summary": "ICSA Advisory ICSA-22-333-02 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-333-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "Hitachi Energy IED Connectivity Packages and PCM600 Products (Update A)",
    "tracking": {
      "current_release_date": "2024-07-23T06:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-333-02",
      "initial_release_date": "2022-11-29T07:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-11-29T07:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2024-07-23T06:00:00.000000Z",
          "legacy_version": "Update A",
          "number": "2",
          "summary": "Update A - Updated vulnerability description and mitigation section"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=v2.11_including_hotfixes",
                "product": {
                  "name": "Hitachi Energy PCM600: \u003c=v2.11_including_hotfixes",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "PCM600"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=3.0|\u003c3.4.1",
                "product": {
                  "name": "Hitachi Energy 670 Connectivity Package: \u003e=3.0|\u003c3.4.1",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "670 Connectivity Package"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=1.3|\u003c2.4.1",
                "product": {
                  "name": "Hitachi Energy 650 Connectivity Package: \u003e=1.3|\u003c2.4.1",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "650 Connectivity Package"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=1.0|\u003c1.2",
                "product": {
                  "name": "Hitachi Energy SAM600-IO Connectivity Package: \u003e=1.0|\u003c1.2",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "SAM600-IO Connectivity Package"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=1.3|\u003c1.3.1",
                "product": {
                  "name": "Hitachi Energy GMS600 Connectivity Package: \u003e=1.3|\u003c1.3.1",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "GMS600 Connectivity Package"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=1.1|\u003c1.3",
                "product": {
                  "name": "Hitachi Energy PWC600 Connectivity Package: \u003e=1.1|\u003c1.3",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "PWC600 Connectivity Package"
          }
        ],
        "category": "vendor",
        "name": "Hitachi Energy"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-2513",
      "cwe": {
        "id": "CWE-312",
        "name": "Cleartext Storage of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u0027s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file can exploit the vulnerability and obtain user credentials of the IEDs. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing database log files. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2513"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Hitachi Energy released the following recommended immediate actions:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to PCM600 v2.11 Hotfix 20240426 or apply mitigation factors/workarounds as described below.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "After applying the hotfix, reimport and export the backup files to secure that they do not contain this vulnerability. More information to deploy PCM600 securely can be found in the following documents:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "1MRS758440, PCM600 Cyber Security Deployment Guideline",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Hitachi Energy recommends the following steps to mitigate the risk of vulnerability exploitation:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Implement the least privilege principle, continuously revising permissions and accesses to PCM600 related resources, including the backup file, PCMI, PCMP, PCMA and PCMT files.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use a firewall system with the minimal number of exposed ports to help protect a process control network from attacks originating from outside the network.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "Protect process control systems from direct, physical access by unauthorized personnel.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "Ensure process control systems are not directly connected to the internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "Separate process control systems from other networks via network segmentation techniques.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid using process control systems for browsing the internet, instant messaging, or receiving emails.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "Scan removable storage media for malware prior to connection to a process control system.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information, see Hitachi Energy\u0027s Cybersecurity Advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ],
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006"
          ]
        }
      ]
    }
  ]
}

cve-2022-2513

Vulnerability from cvelistv5

Published

2022-11-22 10:30

Modified

2024-08-03 00:39

Severity

7.1 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Summary

Cleartext Credentials Vulnerability on Hitachi Energy’s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products

References

URL	Tags
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120&LanguageCode=en&DocumentPartId=&Action=Launch

Impacted products

Vendor	Product
Hitachi Energy	PCM600
Hitachi Energy	670 Connectivity Package
Hitachi Energy	650 Connectivity Package
Hitachi Energy	SAM600-IO Connectivity Package
Hitachi Energy	GMS600 Connectivity Package
Hitachi Energy	PWC600 Connectivity Package

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:39:08.068Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PCM600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "2.11 Hotfix 20220617",
              "status": "affected",
              "version": "v2.6",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "670 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "3.4.1",
              "status": "affected",
              "version": "3.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "650 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "2.4.1",
              "status": "affected",
              "version": "1.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SAM600-IO Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "1.2",
              "status": "affected",
              "version": "1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GMS600 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "1.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PWC600 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "1.3",
              "status": "affected",
              "version": "1.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "PSE - Polskie Sieci Elektroenergetyczne (Polish Power Grid Company (PPGC))"
        }
      ],
      "datePublic": "2022-11-15T13:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file can exploit the vulnerability and obtain user credentials of the IEDs. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing database log files. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file can exploit the vulnerability and obtain user credentials of the IEDs. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing database log files. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-28T10:20:49.089Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to PCM600 v2.11 Hotfix 20240426 or apply mitigation\nfactors/workarounds as described in the Mitigation Factors/Workarounds Section.\u003cbr\u003e\u003cbr\u003eList of CPEs:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:670ConnectivityPackage:3.4.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.3.0:*:*:*:*:*:*:*\n\u003cbr\u003e\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.2.6:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.1.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.0.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\u003cbr\u003ecpe:2.3:a:hitachienergy:650ConnectivityPackage:2.4.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.2.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.1.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\u003cbr\u003ecpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.2.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.1.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.0.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.2:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.1:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e \n\n\u003cbr\u003e"
            }
          ],
          "value": "Update to PCM600 v2.11 Hotfix 20240426 or apply mitigation\nfactors/workarounds as described in the Mitigation Factors/Workarounds Section.\n\nList of CPEs:\u00a0\ncpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.4.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.3.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.2.6:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.0.2:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.4.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.3.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.2.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.0.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.1:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*"
        }
      ],
      "source": {
        "advisory": "8DBD000120",
        "discovery": "EXTERNAL"
      },
      "title": "Cleartext Credentials Vulnerability on Hitachi Energy\u2019s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "It is recommended to implement and continuously revise least privileges principles to minimize permissions and\naccesses to PCM600 related resources, included the backup file, PCMI/PCMP file.\u003cbr\u003e\u003cbr\u003e Recommended security\npractices and firewall configurations can help protect a process control network from attacks that originate from\noutside the network. Such practices include that process control systems are physically protected from direct\naccess by unauthorized personnel, have no direct connections to the Internet, and are separated from other\nnetworks by means of a firewall system that has a minimal number of ports exposed, and others that have to be\nevaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or\nreceiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses\nbefore they are connected to a control system. \u003cbr\u003e\u003cbr\u003eAn additional recommendation is to follow the hardening guidelines published by \u201cThe Center for Internet Security\n(CIS)\u201d \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisecurity.org/about-us/\"\u003ehttps://www.cisecurity.org/about-us/\u003c/a\u003e to protect the host Operating System.\n\u003cbr\u003e\u003cbr\u003eMore information to deploy PCM600 securely can be found in the following documents:\n1MRS758440, PCM600 Cyber Security Deployment Guideline\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "It is recommended to implement and continuously revise least privileges principles to minimize permissions and\naccesses to PCM600 related resources, included the backup file, PCMI/PCMP file.\n\n Recommended security\npractices and firewall configurations can help protect a process control network from attacks that originate from\noutside the network. Such practices include that process control systems are physically protected from direct\naccess by unauthorized personnel, have no direct connections to the Internet, and are separated from other\nnetworks by means of a firewall system that has a minimal number of ports exposed, and others that have to be\nevaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or\nreceiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses\nbefore they are connected to a control system. \n\nAn additional recommendation is to follow the hardening guidelines published by \u201cThe Center for Internet Security\n(CIS)\u201d  https://www.cisecurity.org/about-us/  to protect the host Operating System.\n\n\nMore information to deploy PCM600 securely can be found in the following documents:\n1MRS758440, PCM600 Cyber Security Deployment Guideline"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2022-2513",
    "datePublished": "2022-11-22T10:30:34.309Z",
    "dateReserved": "2022-07-22T13:30:13.171Z",
    "dateUpdated": "2024-08-03T00:39:08.068Z",
    "requesterUserId": "add9a720-9bad-45a2-bedc-fce6888e4172",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

icsa-22-333-02

Vulnerability from csaf_cisa

cve-2022-2513

Vulnerability from cvelistv5

Tags