Hitachienergy | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.

IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not…

RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user interface but requires further tools like browser development utilities to access them without requi…

A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation.

A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering query in the Web interface can be malformed, so returning data can leak unauthorized information to the user.

A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8 crafted message content from IED or remote system can cause a denial of service resulting in disconnection loop.

A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption.

A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to tamper a system file, making denial of Notify service.