HomeIntelligenceBrief
VULNERABILITY BRIEF🟡 Medium Vulnerability

Timing Side‑Channel (CVE‑2022‑4304) in Hitachi Energy GMS600 Enables TLS Decryption – Moderate Risk for Critical Manufacturing

A timing‑based side‑channel in OpenSSL (CVE‑2022‑4304) affects Hitachi Energy GMS600 firmware 1.3.0‑1.3.1, allowing an attacker to recover TLS pre‑master secrets and decrypt traffic. The vulnerability poses a confidentiality risk for organizations that depend on GMS600 for critical manufacturing and energy operations.

LiveThreat™ Intelligence · 📅 May 22, 2026· 📰 cisa.gov
🟡
Severity
Medium
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
5 recommended
📰
Source
cisa.gov

Timing Side‑Channel (CVE‑2022‑4304) in Hitachi Energy GMS600 Enables TLS Decryption – Moderate Risk for Critical Manufacturing

What It Is – Hitachi Energy’s GMS600 (versions 1.3.0‑1.3.1) embeds a vulnerable OpenSSL library (CVE‑2022‑4304). The flaw is a timing‑based side‑channel in RSA decryption that can be exploited to recover the TLS pre‑master secret and decrypt application data.

Exploitability – The attack requires the ability to send a very large number of crafted TLS handshake messages and measure processing time. No public exploit code is known, but the technique is well‑understood (Bleichenbacher‑style) and could be weaponized by nation‑state or sophisticated criminal actors. CVSS v3.1 5.9 (Medium).

Affected Products – Hitachi Energy GMS600, firmware ≥ 1.3.0 ≤ 1.3.1 (embedded OpenSSL).

TPRM Impact – Organizations that rely on GMS600 for grid‑monitoring, substation control, or other critical‑manufacturing processes expose confidential operational data to potential interception. A compromised third‑party could harvest TLS traffic, infer network topology, or extract proprietary control‑system information, creating a supply‑chain confidentiality risk.

Recommended Actions

  • Apply Hitachi Energy’s mitigation guidance immediately (see CISA advisory).
  • Upgrade to a firmware version that ships with a patched OpenSSL or replace the OpenSSL component with a constant‑time implementation.
  • Enforce TLS 1.3 where possible; disable RSA‑PKCS#1 v1.5 cipher suites.
  • Deploy network‑level rate‑limiting and anomaly detection for TLS handshake traffic to the GMS600.
  • Review third‑party contracts for security‑by‑design clauses and require proof of remediation.

Source: CISA Advisory – ICSA‑26‑141‑01

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-01

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →