Review – 2 Advisories and 5 Updates Published – 6-5-25

Today CISA’s NCCIC-ICS published two control system security advisories for products from Hitachi Energy and CyberData. They updated advisories for products from Mitsubishi and Hitachi Energy (4).

Advisories

Hitachi Energy Advisory - This advisory discusses the BadAlloc vulnerabilities in the Hitiachi EnergyRelion 670, Relion 650, and SAM600-IO products.

CyberData Advisory - This advisory describes five vulnerabilities in the CyberData 011209 SIP Emergency Intercom.

Updates

Mitsubishi Update - This update provides additional information on the FA Engineering Software Products advisory that was originally published on February 18^th, 2021, and most recently updated on November 17^th, 2022.

Hitachi Energy Update #1 - This update provides additional information on the Relion 670/650/SAM600-IO Series advisory that was originally published on May 13^th, 2025.

Hitachi Energy Update #2 - This update provides additional information on the Relion 670, 650 and SAM600-IO Series advisory that was originally published on March 9^th, 2025.

Hitachi Energy Update #3 - This update provides additional information on the Relion 670/650/SAM600-IO advisory that was originally published on December 2^nd, 2021.

Hitachi Energy Update #4 - This update provides additional information on the IEC 61850 MMS-Server advisory that was originally published on March 30^th, 2023.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-5-updates-published - subscription required.