Improper Input Validation vulnerability in Hitachi Energy MicroSCADA X SYS600 while reading a specific configuration file causes a buffer-overflow that causes a failure to start the SYS600. The configuration file can only be accessed by an administrator access. This issue affects: Hitachi Energy MicroSCADA X SYS600 version 10 to version 10.3.1. cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:* cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Hitachienergy
  • Microscada X Sys600
  • Sys600

Configuration 1 [-]

AND
cpe:2.3:a:hitachienergy:microscada_x_sys600:*:*:*:*:*:*:*:*
cpe:2.3:h:hitachienergy:sys600:-:*:*:*:*:*:*:*
References
Link Resource
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000106&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2022-09-06T00:00:00

Updated: 2022-09-14T17:05:36

Reserved: 2022-05-18T00:00:00

Link: CVE-2022-1778

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-09-14T18:15:09.953

Modified: 2023-06-27T15:47:06.047

Link: CVE-2022-1778

JSON object: View

cve-icon Redhat Information

No data.

CWE