CVE-2025-39205NVD

Vulnerability Summary

A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows remote Man-in-the-Middle attack due to missing proper validation.

Severity Level

HIGH(8.3)

Published Date

Jun 24, 2025

Last Modified

Jun 26, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-295: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

External References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000218&LanguageCode=en&DocumentPartId=&Action=Launch

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-39205NVD

Vulnerability Summary

External References