VYPR

TXpert Hub CoreTec 4

by Hitachi

CVEs (5)

  • CVE-2023-2625Jun 28, 2023
    risk 0.00cvss epss 0.00

    A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of…

  • CVE-2022-3353Feb 21, 2023
    risk 0.00cvss epss 0.01

    A vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products.  An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting…

  • CVE-2021-35530Jun 7, 2022
    risk 0.00cvss epss 0.00

    A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized…

  • CVE-2021-35531Jun 7, 2022
    risk 0.00cvss epss 0.00

    Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system.…

  • CVE-2021-35532Jun 7, 2022
    risk 0.00cvss epss 0.00

    A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. The vulnerability allows an attacker or malicious agent who manages to gain access to the system and obtain an account with sufficient privilege to upload a malicious…