Hitachi Energy Pcm600 vulnerabilities

2 known vulnerabilities affecting hitachi_energy/pcm600.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2022-2513MEDIUMCVSS 5.5≥ v2.6, ≤ 2.11 Hotfix 202206172022-11-22

CVE-2022-2513 [MEDIUM] CWE-312 CVE-2022-2513: A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) cr A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file

CVE-2021-22278MEDIUMCVSS 6.7≥ 2.7, < unspecified≥ unspecified, ≤ 2.102021-10-28

CVE-2021-22278 [MEDIUM] CWE-295 CVE-2021-22278: A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted soft A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.