CISA flags Hitachi Energy ITT600 Explorer DoS flaws
The operational work is simple: inventory IEC 61850 server simulation use, then patch or isolate the affected testing tool.
TL;DR
CISA republished Hitachi Energy’s advisory for CVE-2024-8176 and CVE-2025-59375, two CVSS 7.5 flaws in ITT600 Explorer. Versions before 2.1 SP6 HF1, including 2.1 SP6, can be driven into denial of service through malicious IEC 61850 parsing when server simulation is used. DIB operators, C3PAOs and assessors with the tool in energy or test environments should update to 2.1 SP6 HF1 or move to 2.2 when available.
CISA’s advisory is a straight patch notice for Hitachi Energy ITT600 Explorer, not a new compliance mandate. The affected product is the Integrated Testing Tool ITT600 SA Explorer used for IEC 61850 server simulation, and Hitachi Energy says the flaws do not affect IEC 61850 system endpoints. The two vulnerabilities, CVE-2024-8176 and CVE-2025-59375, both carry CVSS 3.1 scores of 7.5 and can cause denial of service through libexpat parsing behavior when server simulation is in use.
The remediation path is narrow: update to ITT600 Explorer 2.1 SP6 HF1, or upgrade to version 2.2 when available. The advisory does not give a separate availability timeline for 2.2. Until the update is applied, CISA’s usual ICS guidance applies: limit network exposure, keep control-system assets off the public internet, isolate control networks from business networks and assess impact before deploying defensive changes.
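The inventory step can be scripted. The following is an added example, not code from CISA or Hitachi Energy: it flags installs older than 2.1 SP6 HF1 and puts hosts that use server simulation first. The host names, CSV columns and the "major.minor SPn HFn" version-string format are assumptions modelled on the advisory's wording.

```python
import csv
import io
import re

FIXED = (2, 1, 6, 1)  # 2.1 SP6 HF1, the fixed release named in the advisory

# Assumed string format: "<major>.<minor> [SPn] [HFn]"; missing SP/HF count as 0.
VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)(?:\s+SP\s*(\d+))?(?:\s+HF\s*(\d+))?\s*$", re.I)

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE_INVENTORY = """host,version,server_simulation
test-bench-01,2.1 SP6,yes
test-bench-02,2.1 SP6 HF1,yes
lab-laptop-07,2.1 SP5 HF3,no
fat-rig-03,2.2,yes
eng-ws-11,v2.1-sp6,yes
"""

def parse_version(text):
    """Return (major, minor, service_pack, hotfix) as a comparable tuple."""
    m = VERSION_RE.match(text)
    if m is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected(text):
    """True for any version that sorts before 2.1 SP6 HF1."""
    return parse_version(text) < FIXED

def triage(inventory_csv):
    """Map each host to an action; unparsable versions go to manual review."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        host = row["host"]
        try:
            affected = is_affected(row["version"])
        except ValueError:
            results[host] = "review: unparsed version"
            continue
        if not affected:
            results[host] = "ok"
        elif row["server_simulation"].strip().lower() == "yes":
            # The DoS condition requires server simulation, so these go first.
            results[host] = "patch or isolate first"
        else:
            results[host] = "patch"
    return results

if __name__ == "__main__":
    for host, action in triage(SAMPLE_INVENTORY).items():
        print(f"{host:15} {action}")
```

Unparsable version strings are routed to manual review rather than treated as unaffected, so a nonstandard entry cannot silently drop out of the patch list.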
Published · Deep Fathom