CISA has issued an alert regarding a critical vulnerability in Hitachi Energy's FOX61x series devices that could allow remote attackers to execute arbitrary code and gain full control of affected systems.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding a vulnerability in Hitachi Energy's FOX61x series devices, which are widely used in power grid infrastructure and energy management systems. The vulnerability, tracked as CVE-2024-2847, has been assigned a CVSS score of 9.8 out of 10, indicating its severe risk level.
The vulnerability exists in the authentication mechanism of the FOX61x devices, allowing unauthenticated remote attackers to bypass security controls and execute arbitrary code with root privileges. According to CISA's advisory, successful exploitation could lead to complete system compromise, data theft, and potential disruption of critical energy infrastructure.
"This vulnerability poses a significant risk to energy sector organizations that rely on these devices for grid management and monitoring," said Sarah Chen, CISA's Industrial Control Systems Cybersecurity lead. "The ability for remote attackers to gain root access without authentication is particularly concerning given the critical nature of these systems."
Hitachi Energy has released firmware updates to address the vulnerability, and CISA strongly recommends that all affected organizations apply these patches immediately. The company has also provided mitigation guidance for organizations that cannot immediately update their systems.
Organizations using FOX61x devices should:
- Immediately check device firmware versions and apply available updates
- Implement network segmentation to isolate vulnerable devices
- Monitor network traffic for suspicious activity
- Review access controls and authentication mechanisms
- Consider temporarily disconnecting affected devices if immediate patching isn't possible
The vulnerability affects multiple FOX61x models, including those used in substations, renewable energy installations, and industrial control systems. Energy sector organizations are particularly urged to prioritize remediation efforts due to the potential impact on grid stability and public safety.
CISA has added this vulnerability to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch affected systems by the specified deadline. While the vulnerability has not yet been observed in active attacks, security researchers warn that the critical nature of the flaw makes it likely to be targeted by threat actors.
Organizations can find additional technical details, patch information, and mitigation guidance on CISA's website at cisa.gov/uscert and Hitachi Energy's security advisory portal.
Comments
Please log in or register to join the discussion