CVE-2025-39204
- EPSS 0.05%
- Veröffentlicht 24.06.2025 12:15:21
- Zuletzt bearbeitet 26.01.2026 18:42:02
A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering query in the Web interface can be malformed, so returning data can leak unauthorized information to the user.
CVE-2025-39205
- EPSS 0.03%
- Veröffentlicht 24.06.2025 12:13:20
- Zuletzt bearbeitet 30.01.2026 18:36:38
A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation.
CVE-2025-39203
- EPSS 0.05%
- Veröffentlicht 24.06.2025 11:57:04
- Zuletzt bearbeitet 26.01.2026 18:45:18
A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8 crafted message content from IED or remote system can cause a denial of service resulting in disconnection loop.
CVE-2025-39202
- EPSS 0.03%
- Veröffentlicht 24.06.2025 11:51:58
- Zuletzt bearbeitet 26.01.2026 18:52:01
A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption.
CVE-2025-39201
- EPSS 0.05%
- Veröffentlicht 24.06.2025 11:46:11
- Zuletzt bearbeitet 26.01.2026 18:56:36
A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to tamper a system file, making denial of Notify service.