CVE-2025-39204
- EPSS 0.04%
- Veröffentlicht 24.06.2025 12:15:21
- Zuletzt bearbeitet 26.06.2025 18:58:14
A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering query in the Web interface can be malformed, so returning data can leak unauthorized information to the user.
CVE-2025-39205
- EPSS 0.02%
- Veröffentlicht 24.06.2025 12:13:20
- Zuletzt bearbeitet 01.10.2025 15:15:44
A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation.
CVE-2025-39203
- EPSS 0.04%
- Veröffentlicht 24.06.2025 11:57:04
- Zuletzt bearbeitet 07.10.2025 10:15:34
A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8 crafted message content from IED or remote system can cause a denial of service resulting in disconnection loop.
CVE-2025-39202
- EPSS 0.02%
- Veröffentlicht 24.06.2025 11:51:58
- Zuletzt bearbeitet 26.06.2025 18:58:14
A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption.
CVE-2025-39201
- EPSS 0.04%
- Veröffentlicht 24.06.2025 11:46:11
- Zuletzt bearbeitet 26.06.2025 18:58:14
A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to tamper a system file, making denial of Notify service.