CVE-2025-39204

High CVSS: 8.5

A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering query in the Web interface can be malformed, so returning data can leak unauthorized information to the user.

Vendor

Hitachienergy

Product

Microscada X Sys600

CWE

CWE-200

Yayın Tarihi

2025-06-24 12:15:21

Güncelleme

2026-01-26 18:42:02

Source Identifier

cybersecurity@hitachienergy.com

KEV Date Added

Kategoriler

CWE-200 Microscada X Sys600 HIGH Hitachienergy 2025

Referanslar

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000218&LanguageCode=en&DocumentPartId=&Action=Launch

Benzer Kayıtlar

High

CVE-2026-2459

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of direc…

High

CVE-2026-2460

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of…

Medium

CVE-2026-1772

RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via…

High

CVE-2026-1773

IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if…

High

CVE-2025-39205

A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol a…

Medium

CVE-2025-39201

A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to…