CVE-2025-39205

High CVSS: 7.1

A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation.

Vendor

Hitachienergy

Product

Microscada X Sys600

CWE

CWE-295

Yayın Tarihi

2025-06-24 13:15:22

Güncelleme

2026-01-30 18:36:38

Source Identifier

cybersecurity@hitachienergy.com

KEV Date Added

Kategoriler

CWE-295 Microscada X Sys600 HIGH Hitachienergy 2025

Referanslar

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000218&LanguageCode=en&DocumentPartId=&Action=Launch

Benzer Kayıtlar

High

CVE-2026-2459

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of direc…

High

CVE-2026-2460

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of…

Medium

CVE-2026-1772

RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via…

High

CVE-2026-1773

IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if…

Medium

CVE-2025-39201

A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to…

High

CVE-2025-39202

A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with lo…