On July 4, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued four significant advisories exposing serious vulnerabilities in industrial control systems (ICS) hardware from Hitachi Energy and Mitsubishi Electric.
These advisories highlight flaws in equipment widely deployed in critical infrastructure, including energy grids, utilities, and manufacturing plants, raising urgent concerns about the resilience of operational technology (OT) environments.
For organizations reliant on industrial control systems, this is more than a technical issue – it is a business-critical risk that demands immediate action.
Breaking Down the Vulnerabilities
CISA’s advisories focus on the following affected systems:
- Hitachi Energy Relion 670/650/620/615/611/611-Z series protection relays – Disk space mishandling can cause unplanned device reboots, potentially destabilizing grid or plant operations.
- Hitachi Energy SAM600-IO series input-output devices – Improper disk space management can result in shutdowns that interrupt critical processes.
- Mitsubishi Electric MicroSCADA X SYS600 supervisory control software – Multiple vulnerabilities including improper access permissions, path manipulation, denial of service vectors, information disclosure, and weak certificate validation, with CVSS scores as high as 8.5 (critical).
These devices are integral to the safe and reliable operation of substations, factories, and critical infrastructure. Any compromise or failure could lead to disruptions, data leaks, or regulatory non-compliance.
Why This Matters
ICS environments traditionally lag behind IT in cybersecurity maturity. Many organizations rely on decades-old equipment, unpatched firmware, or exposed networks to keep production lines and energy grids running.
The vulnerabilities discovered are particularly dangerous because:
- They affect equipment at the very core of critical operations.
- Attacks could cause not just data breaches but physical harm, safety incidents, and prolonged downtime.
- Threat actors, including nation-state groups, increasingly target OT systems due to their strategic importance.
- Regulatory scrutiny on ICS security is rising, with frameworks like IEC 62443 and NIST 800‑82 setting high expectations for resilience.
Immediate Steps for Organizations
Organizations with Hitachi or Mitsubishi hardware should not delay. At COE Security, we recommend the following roadmap to mitigate risks:
- Apply vendor-provided patches and firmware updates without delay.
- Audit and isolate ICS networks from corporate and public-facing systems to limit exposure.
- Implement robust segmentation and zoning strategies to contain potential breaches.
- Monitor OT environments continuously, looking for anomalies, unexpected device reboots, or unauthorized access.
- Engage vendors and third-party contractors proactively to ensure their systems and processes meet updated security standards.
- Conduct tabletop exercises to rehearse response procedures for OT incidents.
- Educate OT and engineering teams on these vulnerabilities and ensure clear communication channels.
Conclusion
The CISA advisories are another wake-up call: security vulnerabilities in industrial hardware are no longer rare, theoretical, or isolated. They are real, actionable, and impactful – capable of affecting safety, compliance, and business continuity.
Organizations cannot afford to treat OT security as secondary to IT security. Protecting ICS hardware demands equal investment, attention, and urgency.
With coordinated patching, network segmentation, monitoring, and vendor engagement, you can protect your critical operations and maintain trust with regulators, customers, and stakeholders.
About COE Security
COE Security partners with organizations across energy, utilities, manufacturing, transportation, and other critical infrastructure sectors to strengthen their operational technology security posture.
We help clients:
- Identify and remediate ICS vulnerabilities through targeted assessments and hardening strategies.
- Design and implement secure ICS network architectures, including segmentation and monitoring.
- Develop comprehensive OT risk management programs aligned with IEC 62443, NIST 800‑82, ISO 27001, and other global standards.
- Respond effectively to OT incidents with tailored incident response planning and forensic support.
- Train engineers, operators, and leadership teams to embed security awareness and resilience into daily operations.
Our mission is to ensure that your operations remain secure, compliant, and resilient – even in the face of emerging hardware threats.
Follow COE Security on LinkedIn for more insights on industrial cybersecurity, regulatory updates, and actionable defense strategies.
Click to read our LinkedIn feature article