Vulnerabilidades en Hitachi Energy
105 resultadosCVE-2021-35534HIGHInsufficient Security Control VulnerabilityEPSS 1.7%CVE-2024-41153HIGHCommand injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows for the execution of arbitrary system commEPSS 1.6%CVE-2022-3686MEDIUMSDM600 API permission checkEPSS 1.4%CVE-2022-3353MEDIUMIEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy ProductsEPSS 1.1%CVE-2025-1036HIGHCommand injection vulnerability exists in the “Logging” page of the web-based configuration utility. An authenticated user with low privilegEPSS 1.0%CVE-2021-40334HIGHSSH activation problem in the proprietary management protocol (port TCP 5558)EPSS 1.0%CVE-2021-35533HIGHSpecially Crafted IEC 60870-5-104 Packet Vulnerability in RTU500 seriesEPSS 0.9%CVE-2022-28613HIGHSpecially Crafted Modbus TCP Packet Vulnerability in RTU500 seriesEPSS 0.9%CVE-2022-3682CRITICALSDM600 file permission validationEPSS 0.8%CVE-2023-4518MEDIUMA vulnerability exists in the input validation of the GOOSE
messages where out of range values received and processed
by the IED caused a EPSS 0.7%CVE-2024-2013CRITICALAn authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /
API Gateway component that if exploited allows attackers withouEPSS 0.7%CVE-2023-6711MEDIUMVulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially EPSS 0.7%CVE-2024-2617HIGHA vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update,
if secure update feature EPSS 0.7%CVE-2022-29922HIGHA vulnerability exists in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS ...EPSS 0.7%CVE-2022-2081HIGHA vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and coEPSS 0.6%CVE-2022-2277HIGHA vulnerability exists in the ICCP stack of the affected SYS600 versions due to validation flaw in the process that establishes the ICCP communication. The validation flaw will cause a denial-of-service when ICCP of SYS600 is request to forward any da ...EPSS 0.6%CVE-2021-40333CRITICALWeak default credential associated with TCP port 26EPSS 0.6%CVE-2024-0400HIGHSCM Software is a client and server application. An Authenticated System manager client can execute LINQ query in the SCM server, for customEPSS 0.6%CVE-2022-29492MEDIUMA vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ...EPSS 0.6%CVE-2022-3684HIGHSDM600 endpoint vulnerability EPSS 0.6%