February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Hitachi Energy IED Connectivity Packages and PCM600 Products Vulnerability
November 30, 2022Rewterz Threat Advisory – CVE-2021-35587 – Oracle Fusion Middleware Access Manager Vulnerability
November 30, 2022Rewterz Threat Advisory – ICS: Hitachi Energy IED Connectivity Packages and PCM600 Products Vulnerability
November 30, 2022Rewterz Threat Advisory – CVE-2021-35587 – Oracle Fusion Middleware Access Manager Vulnerability
November 30, 2022
Severity
High
Analysis Summary
CVE-2022-3388
An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user could launch an administrator level remote code execution regardless of the authenticated user’s role.
Impact
Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-3388
Affected Vendors
Mitsubishi Electric
Affected Products
- SYS600 10.4 and earlier
- SYS600 9.4 FP2 Hotfix 4 and earlier versions
Remediation
Refer to CISA-CERT Advisory for the patch, upgrade, or suggested workaround information.
CISA-CERT Advisory