Data Manipulation Vulnerability in Asset Suite by Hitachi Energy
CVE-2025-10217

6MEDIUM

Key Information:

Vendor: Hitachi
Status: Asset Suite
Vendor: CVE Published:; 30 September 2025

What is CVE-2025-10217?

A vulnerability exists in Asset Suite that allows authenticated users to manipulate performance-related log data. Specifically, users may inject crafted data into log files, potentially facilitating further malicious attacks. While performance logging is essential for troubleshooting and enhancing application performance, this vulnerability exposes the application to risks if exploited, calling for immediate attention and remediation.

Affected Version(s)

Asset Suite 9.0 <= 9.8

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

vendor-advisory

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Sep 30, 2025
Vulnerability Reserved
Sep 10, 2025

JSON