Hitachi Energy MicroSCADA X SYS600

Plan Patch7.3ICS-CERT ICSA-25-184-02Jul 3, 2025

Attack VectorLocal

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

Five vulnerabilities exist in Hitachi Energy MicroSCADA Pro/X SYS600 versions 10.0 through 10.6 related to improper file permissions, path validation, and certificate verification (CWE-276, CWE-73, CWE-354, CWE-202, CWE-295). These flaws allow an attacker with local system access to tamper with system files, overwrite configuration, create denial-of-service conditions, or leak file contents. CVSS score 7.3 (high severity) reflects the ability to impact system integrity and availability, though exploitation requires local access rather than remote unauthenticated attack.

What this means

What could happen

An attacker with local system access could overwrite files, tamper with system configuration, leak sensitive file contents, or cause the SYS600 control system to become unavailable, disrupting energy distribution or monitoring.

Who's at risk

This affects energy utilities running Hitachi Energy MicroSCADA Pro/X SYS600 versions 10.0 through 10.6. Risk is highest for organizations that allow remote access to their control system network or permit shared workstation access by multiple users.

How it could be exploited

An attacker with local access to the MicroSCADA X SYS600 system (via a compromised engineering workstation, maintenance console, or shared network access) could exploit file permission or validation flaws to overwrite critical system files, insert malicious code, or trigger a denial-of-service condition affecting grid monitoring and control functions.

Prerequisites

Local system access to the MicroSCADA X SYS600 server or workstation
Unprivileged or limited user account credentials
Running MicroSCADA Pro/X SYS600 version 10.0 through 10.6

Low complexity exploitationAffects supervisory control and monitoring systemsNo patch currently available for versions 10.0–10.6Requires local or network access rather than remote unauthenticated access

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

Hitachi Energy MicroSCADA Pro/X SYS600: >=10.0|<10.6≥ 10.0|<10.610.7

Hitachi Energy MicroSCADA Pro/X SYS600: >=10.5|<10.6≥ 10.5|<10.610.7

Hitachi Energy MicroSCADA Pro/X SYS600: >=10.3|<10.6≥ 10.3|<10.610.7

Remediation & Mitigation

0/4

Do now

0/3

HARDENINGRestrict local and network access to MicroSCADA X SYS600 servers to authorized engineering and operational personnel only

HARDENINGPlace MicroSCADA X SYS600 control system network behind firewall; do not expose to internet or business network

HARDENINGRequire VPN for any remote access to MicroSCADA X SYS600 systems and keep VPN client software updated

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate MicroSCADA X SYS600 to version 10.7

CVEs (5)

CVE-2025-39201 CVE-2025-39202 CVE-2025-39204 CVE-2025-39205 CVE-2025-39203

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e3f2e523-23f3-4768-82ff-2cbb3db44414