CVE-2025-39202
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-06-24
Last updated on: 2026-01-26
Assigner: Hitachi Energy
Description
Description
A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hitachienergy | microscada_x_sys600 | From 10.0 (inc) to 10.7 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Monitor Pro interface of the MicroSCADA X SYS600 product. It allows an authenticated user with low privileges to view and overwrite files, which can lead to information leakage and data corruption.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive information and corruption of data, potentially disrupting operations and compromising system integrity.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70