All news with #iec 61850 tag

Hitachi Energy MACH GWS Vulnerabilities — Patch Alert

⚠️ Hitachi Energy reported three vulnerabilities in MACH GWS (versions 3.0.0.0–3.4.0.0) that could enable local tampering, denial-of-service via IEC 61850 message handling, or remote man-in-the-middle attacks. The issues are categorized as Incorrect Default Permissions, Improper Validation of Integrity Check Value, and Improper Certificate Validation and carry CVSS v4 scores up to 7.1. Hitachi Energy recommends updating to MACH GWS 3.5 immediately and following deployment guidance such as network segregation, minimal exposed ports, scanning removable media, and enforcing strong password policies. CISA notes no known public exploitation at this time.