File Overwrite Vulnerability in MicroSCADA X SYS600 by Hitachi Energy
CVE-2025-39202

8.3HIGH

Key Information:

Vendor: Hitachi
Status: Microscada X Sys600
Vendor: CVE Published:; 24 June 2025

What is CVE-2025-39202?

The MicroSCADA X SYS600 system from Hitachi Energy contains a vulnerability in its Monitor Pro interface, allowing authenticated users with limited privileges to gain unauthorized access to sensitive files. This can result in the overwriting of critical data, leading to potential data corruption and information leaks. Organizations using this platform should take immediate action to mitigate risks and safeguard their systems.

Affected Version(s)

MicroSCADA X SYS600 10.0 <= 10.6

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

CVSS V4

Score:

8.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Apr 16, 2025