Privilege escalation in Hitachi Energy Gms600
CVE-2021-35534
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product do…
EPSS: 0.017 (73.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Hitachi Energy Gms600 — versions 1.3.0, 1.3.1.0 1.3.0.1, 1.2.0
- Hitachi Energy Pwc600 — versions 1.0.1, 1.1.0
- Hitachi Energy Relion 650 — versions 1.1 all revisions, 1.2 all revisions, 1.0 all revisions
- Hitachi Energy Relion 670/650/sam600-io — versions 2.2.1 all revisions, 2.2.5
- Hitachi Energy Relion 670/650 Series — versions 2.2.0 all revisions, 2.2.4 all revisions, 2.1 all revisions
- Hitachi Energy Relion 670 Series — versions 2.0 all revisions, 2.2.2 all revisions, 2.2.3
- Hitachienergy Gms600
- Hitachienergy Gms600_firmware — versions 1.2.0, 1.3.0, 1.3.1.0
- Hitachienergy Pwc600
- Hitachienergy Pwc600_firmware — versions 1.0.1.0, 1.0.1.1, 1.0.1.3
Weakness classification (CWE)
References
- cybersecurity@hitachienergy.com (x_refsource_CONFIRM, Vendor Advisory)
- cybersecurity@hitachienergy.com (x_refsource_CONFIRM, Vendor Advisory)
- cybersecurity@hitachienergy.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-35534?
- CVE-2021-35534 is a high-severity vulnerability in Hitachi Energy Gms600, classified under Improper Handling of Insufficient Privileges. CVSS score: 7.2/10. Published 2021-11-18.
- How severe is CVE-2021-35534?
- High severity. CVSS v3 base score is 7.2 out of 10.