March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Multiple Hitachi Energy Vulnerabilities
December 22, 2021Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
December 22, 2021Rewterz Threat Advisory – ICS: Multiple Hitachi Energy Vulnerabilities
December 22, 2021Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
December 22, 2021
Severity
High
Analysis Summary
CVE-2021-26264
A specially crafted script could cause a controller to restart and cause a denial-of-service condition.
CVE-2021-44463
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation when some DeltaV services are started.
Impact
- Denial of Service
- Privilege Escalation
Affected Vendors
- Emerson
Affected Products
- DeltaV Distributed Control System Controllers and Workstations: All versions
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.