CISA released an advisory on July 23, 2024, detailing vulnerabilities in Hitachi Energy‘s AFS and AFR series products. The advisory, identified as ICSA-24-205-02, highlights issues in models such as AFS650 and AFR677 that could lead to a denial-of-service condition if exploited. The vulnerabilities include type confusion, use after free, double free, and observable discrepancies, all of which have been assigned specific CVEs and varying CVSS scores indicating their severity.
The affected versions include AFS650 (version 9.1.08 and prior), AFS660-C (version 7.1.05 and prior), and other related models. These vulnerabilities could be exploited remotely with low attack complexity, posing significant risks to the security and stability of the systems. Notably, CVE-2023-0286 and CVE-2023-0215 are among the identified vulnerabilities, highlighting critical weaknesses that need immediate attention.
Mitigations have been released to address these issues, including firmware updates for the affected products. For instance, AFS650 users are advised to upgrade to firmware version 9.1.10, while other models should update to the recommended firmware versions. Additionally, CISA suggests adopting security best practices, such as isolating control systems behind firewalls and using secure remote access methods like VPNs.
CISA also emphasizes the importance of performing risk assessments and impact analyses before implementing defensive measures. Organizations should stay vigilant against social engineering attacks and follow the recommended security strategies to protect their industrial control systems. No public exploitation of these vulnerabilities has been reported, but proactive measures are crucial for maintaining cybersecurity.