Denial of Service Vulnerability in MicroSCADA X SYS600 by Hitachi Energy
CVE-2025-39203

8.3HIGH

Key Information:

Vendor: Hitachi
Status: Microscada X Sys600
Vendor: CVE Published:; 24 June 2025

What is CVE-2025-39203?

A vulnerability has been identified in the IEC 61850 protocol implementation of Hitachi Energy's MicroSCADA X SYS600 product. Maliciously crafted IEC 61850-8 messages originating from Intelligent Electronic Devices (IED) or remote systems may exploit this vulnerability, leading to a denial of service condition. This results in disconnection loops, disrupting system availability and reliability for users relying on this critical infrastructure monitoring and control system.

Affected Version(s)

MicroSCADA X SYS600 10.5 <= 10.6

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

CVSS V4

Score:

8.3

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2025
Vulnerability Reserved
Apr 16, 2025