Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MicroSCADA X SYS600 — Vulnerabilities & Security Advisories 12

All 12 CVE vulnerabilities found in MicroSCADA X SYS600, with AI-generated Chinese analysis, references, and POCs.

Vendor: Hitachi Energy

CVE IDTitleCVSSSeverityPublished
CVE-2025-39205 Hitachi MicroSCADA X SYS600 安全漏洞 CWE-295 6.5 Medium2025-06-24
CVE-2025-39204 Hitachi MicroSCADA X SYS600 安全漏洞 CWE-200 6.5 Medium2025-06-24
CVE-2025-39203 Hitachi Energy MicroSCADA X SYS600 安全漏洞 CWE-354 6.5 Medium2025-06-24
CVE-2025-39202 Hitachi MicroSCADA X SYS600 安全漏洞 CWE-269 7.3 High2025-06-24
CVE-2025-39201 Hitachi MicroSCADA X SYS600 安全漏洞 CWE-276 6.1 Medium2025-06-24
CVE-2024-3980 Hitachi Energy MicroSCADA X SYS600 安全漏洞 CWE-22 8.8 High2024-08-27
CVE-2024-4872 Hitachi Energy MicroSCADA X SYS600 安全漏洞 CWE-943 8.8 High2024-08-27
CVE-2022-29492 A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ... CWE-20 5.3 Medium2022-09-14
CVE-2022-1778 A vulnerability exists during the start of the affected SYS600, where an input validation flaw causes a buffer-overflow while reading a specific configuration file. Subsequently SYS600 will fail to start. The configuration file can only be accessed by ... CWE-119 7.5 High2022-09-14
CVE-2022-29922 A vulnerability exists in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS ... CWE-20 7.5 High2022-09-14
CVE-2022-2277 A vulnerability exists in the ICCP stack of the affected SYS600 versions due to validation flaw in the process that establishes the ICCP communication. The validation flaw will cause a denial-of-service when ICCP of SYS600 is request to forward any da ... CWE-1284 7.5 High2022-09-14
CVE-2022-29490 A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. CWE-285 8.5 High2022-09-12

All 12 known CVE vulnerabilities affecting MicroSCADA X SYS600 with full Chinese analysis, references, and POCs where available.