Vulnerabilities (CVE)

Filtered by vendor Hitachienergy Subscribe
Filtered by product Microscada Pro Sys600
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-3980 1 Hitachienergy 2 Microscada Pro Sys600, Microscada X Sys600 2024-10-30 N/A 8.8 HIGH
The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application.
CVE-2024-4872 1 Hitachienergy 2 Microscada Pro Sys600, Microscada X Sys600 2024-10-30 N/A 8.8 HIGH
A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential.
CVE-2022-3388 1 Hitachienergy 2 Microscada Pro Sys600, Microscada X Sys600 2024-02-28 N/A 7.8 HIGH
An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.
CVE-2019-5620 2 Hitachienergy, Microsoft 3 Microscada Pro Sys600, Windows 7, Windows Xp 2024-02-28 7.5 HIGH 9.8 CRITICAL
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function.