PT-2022-5038 · Hitachi Energy · Microscada X Sys600
Published
2022-05-18
·
Updated
2024-09-25
·
CVE-2022-1778
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Hitachi Energy MicroSCADA X SYS600 versions 10 through 10.3.1
Description
The issue is caused by improper input validation in a specific configuration file, leading to a buffer-overflow. This can cause the SYS600 to fail to start. The configuration file can only be accessed by an administrator.
Recommendations
For Hitachi Energy MicroSCADA X SYS600 versions 10 through 10.3.1, consider restricting access to the configuration file to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit administrator access to the configuration file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Microscada X Sys600