Media Upload Vulnerability in Hitachi Energy Asset Suite
CVE-2025-1484

6.3MEDIUM

Key Information:

Vendor: Hitachi
Status: Asset Suite
Vendor: CVE Published:; 30 May 2025

What is CVE-2025-1484?

A security flaw has been identified in the media upload component of Hitachi Energy’s Asset Suite. This vulnerability may allow an attacker to manipulate requests in such a way that malicious JavaScript code can be executed in the browser of the user who is authenticated within the application's context. This could potentially lead to unauthorized access to user data or affect the integrity of the system, posing significant risks to the confidentiality of sensitive information.

Affected Version(s)

Asset Suite 9.6.4.4

Asset Suite 9.6.4.5

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2025
Vulnerability Reserved
Feb 19, 2025