VDB
ICSA-26-036-06
ICSA-26-036-06
PUBLISHED
CVSS 9 CRITICAL
Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. Note: This is applicable only if FOX61x devices are configured to use remote RADIUS authentication.
Risk Scores
CVSS v3.1
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FOX61x version R17A and earlier | ||
| FOX61x version R18 |
Timeline
- Jan 27, 2026 CVE Published
- Feb 5, 2026 CVE Updated
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-036-06.json advisory
- https://publisher.hitachienergy.com/preview?DocumentID=1KHW029042&LanguageCode=en&DocumentPartId=R18&Action=launch advisory
- https://publisher.hitachienergy.com/preview?DocumentID=8DBD000225&LanguageCode=en&DocumentPartId=&Action=launch advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-036-06 advisory
- https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b url