PatchSiren cyber security CVE debrief
CVE-2023-28388 Hitachi Energy CVE debrief
CVE-2023-28388 is a medium-severity issue published by CISA on 2025-02-25 for Hitachi Energy MACH PS700. The advisory text describes an uncontrolled search path element in some Intel(R) Chipset Device Software that may allow an authenticated local user to potentially escalate privileges. For defenders, the practical concern is exposure in affected MACH PS700 v2 System deployments where local access is already available or could be obtained.
- Vendor
- Hitachi Energy
- Product
- MACH PS700 v2 System
- CVSS
- MEDIUM 6.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-02-25
- Original CVE updated
- 2025-02-25
- Advisory published
- 2025-02-25
- Advisory updated
- 2025-02-25
Who should care
OT asset owners, control-system operators, maintenance engineers, and integrators responsible for Hitachi Energy MACH PS700 v2 System deployments should review this advisory. IT teams should also care if endpoint software inventory shows the referenced Intel chipset driver/software on systems that support or administer the affected environment.
Technical summary
The advisory maps CVE-2023-28388 to Hitachi Energy MACH PS700 v2 System and cites an uncontrolled search path element in Intel(R) Chipset Device Software before version 10.1.19444.8378. The stated impact is local privilege escalation by an authenticated user via local access. CISA lists the CVSS vector as AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H, which aligns with a lower-likelihood but high-impact local attack path.
Defensive priority
Medium priority. The issue is locally exploitable and requires authentication/local access, but it can still matter in OT environments where shared workstations, maintenance laptops, or administrative sessions can provide the needed foothold. Prioritize if the affected product is deployed in sensitive or hard-to-monitor environments.
Recommended defensive actions
- Confirm whether MACH PS700 v2 System is present in your environment and whether the referenced Intel chipset software version is installed.
- Apply the vendor-provided patch scripts or remove the vulnerable software as directed in the advisory.
- Review local-account and administrative access paths on affected hosts to reduce the chance that an authenticated local user can reach the vulnerable component.
- Limit interactive access to engineering and maintenance systems and monitor for unusual privilege escalation activity on endpoints that support the affected product.
- Coordinate remediation with Hitachi Energy/local account teams before making changes in operational technology environments, especially where downtime or configuration constraints apply.
Evidence notes
This debrief is based only on the supplied CISA CSAF advisory record (ICSA-25-063-03) and its listed references. The source corpus contains a naming mismatch between the advisory title/product (Hitachi Energy MACH PS700 / MACH PS700 v2 System) and the CVE description text (Intel(R) Chipset Device Software); the advisory-defined affected product scope is used here. No KEV entry or ransomware-campaign association is present in the supplied data.
Official resources
-
CVE-2023-28388 CVE record
CVE.org
-
CVE-2023-28388 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA published the advisory on 2025-02-25. The supplied enrichment indicates this CVE is not in CISA KEV and has no known ransomware-campaign association in the source corpus.