Lucene search
K

38 matches found

ICS
ICS
added 2022/09/29 12:0 a.m.52 views

Hitachi Energy MicroSCADA Pro X SYS600

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerability: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause the affected...

7.5CVSS8.9AI score0.70561EPSS
Exploits2References5
ICS
ICS
added 2022/09/29 12:0 a.m.61 views

Hitachi Energy MicroSCADA Pro X SYS600

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerability: Improper Input Validation, Improper Privilege Management, Improper Access Control, Improper Handling of Unexpected Data Type. 2. RISK...

8.8CVSS6.9AI score0.00672EPSS
Exploits0References5
OSV
OSV
added 2022/09/14 6:15 p.m.6 views

CVE-2022-29492

Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a...

7.5CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2022/09/14 6:15 p.m.24 views

CVE-2022-29922

Improper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. The vulnerability may cause a denial-of-service on the...

7.5CVSS0.00672EPSS
Exploits0References1
OSV
OSV
added 2022/09/14 6:15 p.m.5 views

CVE-2022-29922

Improper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. The vulnerability may cause a denial-of-service on the...

7.5CVSS5.8AI score0.00672EPSS
Exploits0References1
Prion
Prion
added 2022/09/14 6:15 p.m.16 views

Input validation

Improper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. The vulnerability may cause a denial-of-service on the...

5CVSS7.5AI score0.00672EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/09/14 6:15 p.m.14 views

Input validation

Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a...

5CVSS7.5AI score0.00633EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/14 5:7 p.m.18 views

CVE-2022-29492 A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ...

Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a...

5.3CVSS7.6AI score0.00633EPSS
Exploits0References1
CVE
CVE
added 2022/09/14 5:7 p.m.73 views

CVE-2022-29492

CVE-2022-29492 affects Hitachi Energy MicroSCADA Pro SYS600 (versions up to 9.4 FP2 Hotfix 4) and MicroSCADA X SYS600 (versions up to 10.3.1). The issue is an improper input validation in the handling of malformed IEC 104 TCP packets: the packet is dropped but the TCP connection remains open, cre...

7.5CVSS6.3AI score0.00633EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/09/14 5:3 p.m.69 views

CVE-2022-29922

Summary: CVE-2022-29922 is an improper input validation flaw in Hitachi Energy MicroSCADA X SYS600 and MicroSCADA Pro SYS600, specifically in the IEC 61850 OPC Server handling a packet with a valid data item but incorrect data type, potentially causing a denial-of-service. Affected versions: Micr...

7.5CVSS7.6AI score0.00672EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/04/29 12:0 a.m.3 views

PT-2022-5037 · Hitachi Energy · Hitachi Energy Microscada X Sys600

Name of the Vulnerable Software and Affected Versions: Hitachi Energy MicroSCADA Pro SYS600 versions 9.4 FP2 Hotfix 4 and earlier Hitachi Energy MicroSCADA X SYS600 versions 10 through 10.3.1 Description: The issue is related to an Improper Input Validation vulnerability in the handling of a...

7.8CVSS7.3AI score0.00672EPSS
Exploits0References8
CNVD
CNVD
added 2020/04/30 12:0 a.m.2 views

ABB MicroSCADA Pro SYS600 Access Control Error Vulnerability

ABB MicroSCADA Pro SYS600 is a suite of monitoring and data acquisition software from ABB Switzerland. The software is used for substation automation, SCADA electrical, distribution management applications and industrial power management. An access control error vulnerability exists in ABB...

9.8CVSS6.8AI score0.70081EPSS
Exploits1References1
OSV
OSV
added 2020/04/29 11:15 p.m.3 views

CVE-2019-5620

ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function...

9.8CVSS7.3AI score0.70081EPSS
Exploits1References1
NVD
NVD
added 2020/04/29 11:15 p.m.17 views

CVE-2019-5620

ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function...

9.8CVSS9.6AI score0.70081EPSS
Exploits1References1
Prion
Prion
added 2020/04/29 11:15 p.m.18 views

Authentication flaw

ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function...

7.5CVSS9.5AI score0.70081EPSS
Exploits1References1Affected Software1
Saint
Saint
added 2013/12/09 12:0 a.m.57 views

ABB MicroSCADA wserver.exe command execution

Added: 12/09/2013 BID: 63901 OSVDB: 100324 Background MicroSCADA Pro is a substation automation product from ABB. Problem A vulnerability in the wserver.exe process allows remote attackers to execute arbitrary commands by sending an EXECUTE request to port 12221/TCP. Resolution Disable wserver.ex...

1.5AI score
Exploits0
Saint
Saint
added 2013/12/09 12:0 a.m.46 views

ABB MicroSCADA wserver.exe command execution

Added: 12/09/2013 BID: 63901 OSVDB: 100324 Background MicroSCADA Pro is a substation automation product from ABB. Problem A vulnerability in the wserver.exe process allows remote attackers to execute arbitrary commands by sending an EXECUTE request to port 12221/TCP. Resolution Disable wserver.ex...

8.3AI score
Exploits0
Saint
Saint
added 2013/12/09 12:0 a.m.40 views

ABB MicroSCADA wserver.exe command execution

Added: 12/09/2013 BID: 63901 OSVDB: 100324 Background MicroSCADA Pro is a substation automation product from ABB. Problem A vulnerability in the wserver.exe process allows remote attackers to execute arbitrary commands by sending an EXECUTE request to port 12221/TCP. Resolution Disable wserver.ex...

8.3AI score
Exploits0
Rows per page
Query Builder