CVE-2025-2500 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-2500 PUBLISHED CVSS 9.100000381469727 CRITICAL

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded.

EPSS 0.06% · 19.7th percentile

Risk Scores

CVSS v4.0

9.100000381469727

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS Score

0.06%

19.7th percentile

Affected Products

Vendor	Product	Versions
Hitachi Energy	Asset Suite	9.6.4.4, 9.7

Timeline

May 30, 2025 Coalition ESS Score
May 30, 2025 CVE Published
May 30, 2025 PoC Published
May 31, 2025 EPSS Score
Jun 10, 2025 EPSS Score
Jun 21, 2025 EPSS Score
Jul 1, 2025 EPSS Score
Jul 11, 2025 EPSS Score
Jul 15, 2025 PoC Published
Jul 21, 2025 EPSS Score
Aug 1, 2025 EPSS Score
Aug 11, 2025 EPSS Score

References

Open in Interactive Console →