CVE-2025-2500

Summary

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded.

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyAsset Suite9.6.4.4affected
Hitachi EnergyAsset Suite9.7affected

Weaknesses

  • CWE-256: CWE-256

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References