VDB
ICSA-25-196-01
ICSA-25-196-01
PUBLISHED
CVSS 6.5 MEDIUM
Hitachi Energy is aware multiple vulnerabilities that affects the Asset Suite product versions listed below. If these vulnerabilities are successfully exploited by an attacker, it could have an impact on the confidentiality, integrity, or availability of the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Asset Suite version 9.6.4.4 | ||
| Asset Suite AnyWhere for Inventory (AWI) Android mobile app versions 11.5 (awi_11.5_armv7) and earlier | ||
| Asset Suite version 9.6.4.5 | ||
| Asset Suite version 9.7 |
Timeline
- Apr 29, 2025 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-196-01.json advisory
- https://publisher.hitachienergy.com/preview?DocumentId=8DBD000195&languageCode=en&Preview=true advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-196-01 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url