CVE-2025-39203
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-06-24
Last updated on: 2026-01-26
Assigner: Hitachi Energy
Description
Description
A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8 crafted message content from IED or remote system can cause a denial of service resulting in disconnection loop.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hitachienergy | microscada_x_sys600 | From 10.5 (inc) to 10.7 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-354 | The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the IEC 61850 implementation of the MicroSCADA X SYS600 product. It occurs when a specially crafted IEC 61850-8 message from an Intelligent Electronic Device (IED) or a remote system causes a denial of service by triggering a disconnection loop.
How can this vulnerability impact me? :
The vulnerability can cause a denial of service condition, leading to a disconnection loop in the affected system. This can disrupt normal operations and potentially cause system unavailability or instability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70