We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-3980



AssignerHitachi Energy
Reserved2024-04-19
Published2024-08-27
Updated2024-10-29

Description

The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application.



CRITICAL: 9.9CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
HIGH: 8.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Product status

Default status
unaffected

10.0
affected

Default status
unaffected

9.4 FP2 HF1
affected

9.4 FP1
affected

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch

cve.org CVE-2024-3980

nvd.nist.gov CVE-2024-3980

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-3980
Subscribe to our newsletter to learn more about our work.