VDB
CVE-2025-2500
CVE-2025-2500
PUBLISHED
CVSS 9.100000381469727 CRITICAL
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded.
EPSS 0.23% · 46.1th percentile
Risk Scores
CVSS 4.0
9.100000381469727
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.23%
46.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi Energy | Asset Suite | 9.6.4.4, 9.7 |
Exploit Intelligence
- CIRCL seen: CVE-2025-2500 (circl-sighting)
- CIRCL seen: CVE-2025-2500 (circl-sighting)
- https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
Timeline
- May 30, 2025 Coalition ESS Score
- May 30, 2025 CVE Published
- May 30, 2025 PoC Published
- May 31, 2025 EPSS Score
- Jun 11, 2025 EPSS Score
- Jun 22, 2025 EPSS Score
- Jul 2, 2025 EPSS Score
- Jul 13, 2025 EPSS Score
- Jul 15, 2025 PoC Published
- Jul 24, 2025 EPSS Score
- Aug 4, 2025 EPSS Score
- Aug 15, 2025 EPSS Score