Vulnerabilidades en Hitachi Energy
105 resultadosCVE-2024-9929MEDIUMA vulnerability exists in NSD570 that allows any authenticated
user to access all device logs disclosing login information with
timestamps.EPSS 0.3%CVE-2025-2500CRITICALA vulnerability exists in the SOAP Web services of the Asset
Suite versions listed below. If successfully exploited, an attacker
could gaiEPSS 0.3%CVE-2026-2459HIGHA vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the roleEPSS 0.3%CVE-2024-10037MEDIUMA vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crEPSS 0.3%CVE-2025-2403HIGHA denial-of-service vulnerability due to improper prioritization of network traffic over protection mechanism exists in Relion 670/650 and SEPSS 0.3%CVE-2024-7941MEDIUMAn HTTP parameter may contain a URL value and could cause
the web application to redirect the request to the specified URL.
By modifying theEPSS 0.3%CVE-2023-1514HIGHA vulnerability exists in the component RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certEPSS 0.3%CVE-2025-39204HIGHA vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering query in the Web interface can be malformed, sEPSS 0.3%CVE-2025-1445HIGHA vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61EPSS 0.3%CVE-2025-1038HIGHThe “Diagnostics Tools” page of the web-based configuration utility does not properly validate user-controlled input, allowing an authenticaEPSS 0.3%CVE-2021-40342HIGHUse of default key for encryptionEPSS 0.3%CVE-2026-2460HIGHA vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by usingEPSS 0.3%CVE-2022-3388HIGHInput Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 ProductsEPSS 0.3%CVE-2025-10217MEDIUMA vulnerability exists in Asset Suite for an authenticated user to manipulate the content of performance related log data or to inject craftEPSS 0.3%CVE-2024-28021HIGHA vulnerability exists in the FOXMAN-UN/UNEM server that affects the message
queueing mechanism’s certificate validation. If exploited an aEPSS 0.3%CVE-2026-1772MEDIUMRTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user EPSS 0.3%CVE-2025-27631MEDIUMThe TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and execuEPSS 0.3%CVE-2021-35531—Remote Code Execution in TXpert Hub CoreTec 4EPSS 0.3%CVE-2021-35528HIGHAuthentication Bypass Vulnerability Vulnerability in Retail Operations Product and Counterparty Settlement and Billing (CSB)EPSS 0.3%CVE-2023-1711MEDIUMA vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to the network elemEPSS 0.2%