Hitachi Microscada X Sys600 Vulnerabilities

Hitachi Microscada X Sys600 vulnerabilities.

21 February 2023

IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products
CVE-2022-3353
HitachiFox61x Tego15.9MEDIUM

21 November 2022

Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products
CVE-2022-3388
HitachiMicroscada Pro Sys6008.8HIGH

14 September 2022

A vulnerability exists during the start of the affected SYS600, where an input validation flaw causes a buffer-overflow while reading a specific configuration file. Subsequently SYS600 will fail to start. The configuration file can only be accessed by ...
CVE-2022-1778
HitachiMicroscada X Sys6004.4MEDIUM
A vulnerability exists in the ICCP stack of the affected SYS600 versions due to validation flaw in the process that establishes the ICCP communication. The validation flaw will cause a denial-of-service when ICCP of SYS600 is request to forward any da ...
CVE-2022-2277
HitachiMicroscada X Sys6007.5HIGH
A vulnerability exists in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS ...
CVE-2022-29922
HitachiMicroscada X Sys6007.5HIGH
A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ...
CVE-2022-29492
HitachiMicroscada X Sys6005.3MEDIUM

12 September 2022

A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role.
CVE-2022-29490
HitachiMicroscada X Sys6008.5HIGH

No more vulnerabilities to load.