Hitachi Energy MicroSCADA System Data Manager SDM600

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA System Data Manager SDM600 Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Improper Authorization, Improper Resource Shutdown or Release, Improper...

CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products

The U.S. Cybersecurity and Infrastructure Security Agency CISA has published eight Industrial Control Systems ICS advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682 CVSS score: 9....

CVE-2022-3682

creationtimestamp| type| source ---|---|--- 2023-03-31 07:33:29+00:00| published-proof-of-concept| https://t.me/icscert/729 2023-07-31 08:06:52+00:00| seen| https://t.me/cibsecurity/60882...

CVE-2022-3682

A vulnerability exists in the SDM600 file permission validation. An attacker could exploit the vulnerability by gaining access to the system and uploading a specially crafted message to the system node, which could result in Arbitrary code Executing. This issue affects: All SDM600 versions prior ...

CVE-2022-3682 SDM600 file permission validation

A vulnerability exists in the SDM600 file permission validation. An attacker could exploit the vulnerability by gaining access to the system and uploading a specially crafted message to the system node, which could result in Arbitrary code Executing. This issue affects: All SDM600 versions prior ...

CVE-2022-3682

The CVE-2022-3682 vulnerability affects Hitachi Energy SDM600. It stems from a file permission validation flaw in SDM600, allowing an attacker with system access to upload a crafted message to the system node and achieve arbitrary code execution. Affected versions are all SDM600 releases prior to...