Hitachi EnergyCVELIST:CVE-2021-35526CVE-2021-35526 Storage of Sensitive Information Vulnerability in Hitachi ABB Power Grids System Data Manager – SDM600 Product
6.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
7.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.5%
Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager – SDM600 1.2 versions prior to FP2 HF6 (Build Nr. 1.2.14002.257).
CNA Affected
[
{
"platforms": [
"prior to Build Nr. 1.2.14002.257"
],
"product": "System Data Manager – SDM600",
"vendor": "Hitachi ABB Power Grids",
"versions": [
{
"lessThan": "FP2 HF6",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
}
]References
search.abb.com/library/Download.aspx?utm_campaign=&utm_content=2021.08_5051_Cybersecurity%20Advisory%3A&utm_medium=email&utm_source=Eloqua&DocumentID=9AKK107992A4700&LanguageCode=en&DocumentPartId=&Action=Launch&elqTrackId=ba79ef3d8aec4a4fad6c0cbe06d33d6c&elq=1bda419954724e908db108def16646a5&elqaid=3638&elqat=1&elqCampaignId=
us-cert.cisa.gov/ics/advisories/icsa-21-250-02
Related
6.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
7.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.5%