Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Hitachi Energy — Vulnerabilities & Security Advisories 102

Browse all 102 CVE security advisories affecting Hitachi Energy. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Hitachi Energy:FOXMAN-UNMicroSCADA X SYS600RTU500 series CMU FirmwareSDM600RTU500RTU500 seriesTXpert Hub CoreTec 4 versionTropOS 4th GenAsset SuiteTRMTrackerMicroSCADA SYS600eSOMSFOX61xRelion REB500Relion 670/650 and SAM600-IORelion 670 SeriesMACH System SoftwareNSD570 Teleprotection EquipmentTRO600MSMMACH SCMSuprOSRetail OperationsMACH SCM ServerAsset Suite EAMFOX61x TEGO1Relion 670/650/SAM600-IO SeriesRTU500 Scripting InterfaceLinkOneRelion670
CVE IDTitleCVSSSeverityPublished
CVE-2023-5516 Hitachi Energy Electronic Shift Operations Management System 安全漏洞 — eSOMSCWE-200 5.3 Medium2023-11-01
CVE-2023-5515 Hitachi eSOMS 信息泄露漏洞 — eSOMSCWE-200 5.3 Medium2023-11-01
CVE-2023-5514 Hitachi eSOMS 安全漏洞 — eSOMSCWE-209 5.3 Medium2023-11-01
CVE-2023-2622 Hitachi Energy MACH System Software 安全漏洞 — MACH System SoftwareCWE-668 2.7 Low2023-11-01
CVE-2023-2621 Hitachi Energy MACH System Software 路径遍历漏洞 — MACH System SoftwareCWE-22 6.5 Medium2023-11-01
CVE-2023-4816 Hitachi Energy Asset Suite 授权问题漏洞 — Asset Suite 9CWE-287 6.9 Medium2023-09-11
CVE-2022-4608 Hitachi Energy RTU500 缓冲区错误漏洞 — RTU500 seriesCWE-787 7.5 High2023-07-26
CVE-2022-2502 Hitachi Energy RTU500 输入验证错误漏洞 — RTU500 seriesCWE-20 7.5 High2023-07-26
CVE-2023-2625 Hitachi Energy TXpert Hub CoreTec 4 操作系统命令注入漏洞 — TXpert Hub CoreTec 4CWE-78 9.0 Critical2023-06-28
CVE-2023-1711 Hitachi FOXMAN-UN 安全漏洞 — FOXMAN-UNCWE-117 4.0 Medium2023-05-30
CVE-2022-3685 SDM600 software privilege level — SDM600CWE-285 7.5 High2023-03-28
CVE-2022-3686 SDM600 API permission check — SDM600CWE-285 4.8 Medium2023-03-28
CVE-2022-3684 SDM600 endpoint vulnerability — SDM600CWE-404 7.5 High2023-03-28
CVE-2022-3683 SDM600 API web services authorization validation — SDM600CWE-285 7.7 High2023-03-28
CVE-2022-3682 SDM600 file permission validation — SDM600CWE-434 9.9 Critical2023-03-28
CVE-2022-3353 IEC 61850 MMS-Server Vulnerability in multiple Hitachi Energy Products — FOX61x TEGO1CWE-404 5.9 Medium2023-02-21
CVE-2022-2155 A vulnerability exists in the Lumada APM’s User Asset Group feature due to a flaw in access control mechanism implementation on the “Limited Engineer” role. — Lumada APMCWE-863 5.7 Medium2023-01-12
CVE-2022-3929 Communication between the client and server partially using CORBA over TCP/IP — FOXMAN-UNCWE-319 8.3 High2023-01-05
CVE-2022-3928 Hardcoded credential is found in the message queue — FOXMAN-UNCWE-798 7.1 High2023-01-05
CVE-2022-3927 The affected products store public and private key that are used to sign and protect custom parameter set files from modification. — FOXMAN-UNCWE-798 8.0 High2023-01-05
CVE-2021-40342 Use of default key for encryption — FOXMAN-UNCWE-798 7.1 High2023-01-05
CVE-2021-40341 Weak DES encryption — FOXMAN-UNCWE-326 7.1 High2023-01-05
CVE-2022-2513 Cleartext Credentials Vulnerability on Hitachi Energy’s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products — PCM600CWE-312 7.1 High2022-11-22
CVE-2022-3388 Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products — MicroSCADA Pro SYS600CWE-20 8.8 High2022-11-21
CVE-2022-29492 A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ... — MicroSCADA X SYS600CWE-20 5.3 Medium2022-09-14
CVE-2022-1778 A vulnerability exists during the start of the affected SYS600, where an input validation flaw causes a buffer-overflow while reading a specific configuration file. Subsequently SYS600 will fail to start. The configuration file can only be accessed by ... — MicroSCADA X SYS600CWE-119 7.5 High2022-09-14
CVE-2022-29922 A vulnerability exists in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS ... — MicroSCADA X SYS600CWE-20 7.5 High2022-09-14
CVE-2022-2277 A vulnerability exists in the ICCP stack of the affected SYS600 versions due to validation flaw in the process that establishes the ICCP communication. The validation flaw will cause a denial-of-service when ICCP of SYS600 is request to forward any da ... — MicroSCADA X SYS600CWE-1284 7.5 High2022-09-14
CVE-2022-29490 A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. — MicroSCADA X SYS600CWE-285 8.5 High2022-09-12
CVE-2021-40336 HTTP Response Splitting in Hitachi Energy’s MSM Product — MSMCWE-113 5.0 Medium2022-07-25

This page lists every published CVE security advisory associated with Hitachi Energy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.