Local File Tampering Vulnerability in MicroSCADA X SYS600 by Hitachi Energy
CVE-2025-39201

6.9MEDIUM

Key Information:

Vendor

Hitachi
Status
Microscada X Sys600
Vendor
CVE Published:
24 June 2025

What is CVE-2025-39201?

A local file tampering vulnerability exists in MicroSCADA X SYS600 which, if exploited, allows an unauthenticated attacker to modify critical system files. This manipulation can lead to a denial of the Notify service, potentially disrupting operations and compromising system integrity. Organizations using this product should assess their security posture and implement necessary mitigations promptly.

Affected Version(s)

MicroSCADA X SYS600 10.0 <= 10.6

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.