Hitachi Energy MSM Product
Monitor7.5ICS-CERT ICSA-25-275-02Oct 2, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
Hitachi Energy MSM versions 2.2.10 and earlier contain two vulnerabilities: HTML injection via the name parameter (CWE-79) and an assertion failure in fuzz_binary_decode (CWE-617) that can cause a crash. The HTML injection vulnerability could allow malicious code to be injected into the application interface. The assertion failure can be triggered to cause a denial of service by crashing the affected software component.
What this means
What could happen
An attacker could inject malicious HTML into the MSM interface to manipulate what operators see on their workstations, or trigger a crash that disrupts the monitoring and supervision of electrical equipment. This could blind operators to alarms or status changes in the switchgear being monitored.
Who's at risk
Energy utilities and industrial operators who use Hitachi Energy MSM (Modular Switchgear Monitoring) to supervise and monitor electrical switchgear and distribution equipment. This affects organizations running MSM versions 2.2.10 or earlier on engineering workstations or supervisory servers.
How it could be exploited
An attacker with network access to the MSM application could supply a specially crafted name parameter containing HTML code to inject content into the user interface. Alternatively, malformed binary data could be sent to trigger the assertion failure and crash the application. Both attacks require the attacker to reach the MSM server or an operator's MSM Client workstation on the network.
Prerequisites
- Network access to MSM Client or MSM Server application
- Ability to submit input to the name parameter or binary decode function
- MSM version 2.2.10 or earlier
Remotely exploitableLow complexity attackNo authentication required for HTML injectionNo patch availableAffects monitoring and alarm visibility
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
MSM≤ 2.2.10No fix (EOL)
Remediation & Mitigation
0/8
Do now
0/5HARDENINGDo not connect MSM directly to the internet; keep the device and MSM Client applications on isolated internal networks only
HARDENINGImplement network segmentation and firewall rules to restrict access to MSM applications to only authorized engineering and operations personnel; minimize exposed ports
HARDENINGImplement user access controls on computers running MSM Client using OS-level access management to limit who can execute the application
HARDENINGScan all portable computers and removable media for malware before connecting them to systems with MSM installed
HARDENINGDeploy antivirus protection with current signature rules on all computers running MSM Client
Schedule — requires maintenance window
0/3Patching may require device reboot — plan for process interruption
HARDENINGHarden web browsers on MSM Client workstations according to CIS Critical Security Control 9 and apply latest security patches to prevent code injection attacks
HARDENINGApply operating system hardening to all computers running MSM Client using CIS Microsoft Windows Desktop or Server Benchmarks
HARDENINGEnsure MSM deployments follow hardening guidelines documented in Hitachi Energy security advisory 8DBD000228 and MSM product documentation (section 3.9 of 2GHV045871_2018-P-en)
CVEs (2)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/2910af12-8f5e-493d-955f-f665787baf68