Vulnerabilities > Hitachienergy > Microscada X Sys600 > 10.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-27 | CVE-2024-3980 | Path Traversal vulnerability in Hitachienergy Microscada PRO Sys600 and Microscada X Sys600 The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. | 8.8 |
| 2024-08-27 | CVE-2024-3982 | Authentication Bypass by Capture-replay vulnerability in Hitachienergy Microscada X Sys600 An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. | 8.2 |
| 2024-08-27 | CVE-2024-4872 | Unspecified vulnerability in Hitachienergy Microscada PRO Sys600 and Microscada X Sys600 A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. | 8.8 |
| 2024-08-27 | CVE-2024-7940 | Missing Authentication for Critical Function vulnerability in Hitachienergy Microscada X Sys600 The product exposes a service that is intended for local only to all network interfaces without any authentication. | 9.8 |
| 2022-11-21 | CVE-2022-3388 | Improper Input Validation vulnerability in Hitachienergy Microscada PRO Sys600 and Microscada X Sys600 An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. | 7.8 |