Hitachi Energy Modular Switchgear Monitoring (MSM)

🗓️ 04 Oct 2022 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics

ics🔗 www.cisa.gov👁 36 Views

Hitachi Energy MSM Vulnerabilities - CSRF, HTTP Response Splittin

Reporter	Title	Published	Views	Family All 17
BDU FSTEC	The vulnerability in the HTTP web interface of the software for high-voltage distribution device monitoring systems from Hitachi Modular Switchgear Monitoring (MSM) allows a perpetrator to execute arbitrary code.	12 Oct 202200:00	–	bdu_fstec
BDU FSTEC	The vulnerability in the HTTP web interface of the software for high-voltage distribution device monitoring systems from Hitachi Modular Switchgear Monitoring (MSM) allows a attacker to perform a CSRF attack.	12 Oct 202200:00	–	bdu_fstec
Circl	CVE-2021-40335	25 Jul 202218:33	–	circl
CNNVD	Hitachi Energy MSM 注入漏洞	25 Jul 202200:00	–	cnnvd
CNNVD	Hitachi Energy MSM 跨站请求伪造漏洞	25 Jul 202200:00	–	cnnvd
CVE	CVE-2021-40335	25 Jul 202214:32	–	cve
CVE	CVE-2021-40336	25 Jul 202214:34	–	cve
Cvelist	CVE-2021-40335 Cross Site Request Forgery (CSRF) in Hitachi Energy’s MSM Product	25 Jul 202214:32	–	cvelist
Cvelist	CVE-2021-40336 HTTP Response Splitting in Hitachi Energy’s MSM Product	25 Jul 202214:34	–	cvelist
EUVD	EUVD-2021-27514	3 Oct 202520:07	–	euvd

Source	Link
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-277-02.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-22-277-02
cisa	www.cisa.gov/uscert/ncas/tips/ST04-014
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf

04 Oct 2022 00:00Current

8.2High risk

Vulners AI Score8.2

CVSS 3.15 - 8.8

EPSS0.00352

hitachi energy msm vulnerabilities csrf http response splitting cross-site request forgery http request/response splitting high voltage switchgear energy sector switzerland cisa mitigations