IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Hitachi Energy ITT600 Explorer

HIGH
CVSS 7.5
Date 2026-06-04T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Hitachi Energy is aware of vulnerabilities that affect ITT600 Explorer product versions listed in this document. These vulnerabilities can be exploited to carry out Denial of Service (DoS) attack on the product. The vulnerabilities only affect Hitachi Energy Integrated Testing Tool ITT600 SA Explorer without affecting IEC 61850 system endpoints. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.

// Vulnerabilities (2)

CVE ID CVSS Score Severity Description
CVE-2025-59375 7.5 high
CVE-2025-59375. A vulnerability exists in libexpat used by the product allowing attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. Product is only affected if IEC61850 server simulation is used.
CVE-2024-8176 7.5 high
CVE-2024-8176. A stack overflow vulnerability exists in the libexpat library used by the IEC61850 functionality supported by the product. A malicious user with local access could use a crafted IEC61850 message to exploit the vulnerability in the libexpat library. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. Product is only affected if IEC61850 server simulation is used.

// Affected Products (21)

Vendor Product Asset Type Purdue Level Firmware
Hitachi Energy Unknown rtu
L1
12.2
Siemens Unknown network_device -- --
Siemens Unknown plc
L1
--
Siemens Unknown plc
L1
--
Siemens Unknown plc
L1
--
Siemens Unknown plc
L1
--
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --
Siemens Unknown network_device -- --

// Remediations (17)

Patch: Upgrade to version 2.2 when available
Upgrade to version 2.2 when available
Patch: Update to version 2.1 SP6 HF1
Update to version 2.1 SP6 HF1
Mitigation: Only build and run applications from trusted sources.
Only build and run applications from trusted sources.
Mitigation: Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel onl
Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.
Patch: Update to CMU Firmware version 13.7.8 or latest
Update to CMU Firmware version 13.7.8 or latest
Mitigation: Follow general mitigation factors/workarounds
Follow general mitigation factors/workarounds
Patch: Update to CMU Firmware version 12.7.8
Update to CMU Firmware version 12.7.8
Patch: Update to CMU Firmware version 13.8.2
Update to CMU Firmware version 13.8.2
Patch: Update to V3.3 or later version
Update to V3.3 or later version
Patch: See Section Additional Information.
See Section Additional Information.
Patch: Update to V3.3 or later version
Update to V3.3 or later version
Patch: Update to V3.3 or later version
Update to V3.3 or later version
Patch: Update to V3.2 or later version
Update to V3.2 or later version
Patch: See Section Additional Information.
See Section Additional Information.
Patch: Update to V3.2 or later version
Update to V3.2 or later version
Patch: Update to V3.1.5 or later version
Update to V3.1.5 or later version
Mitigation: Only build and run applications from trusted sources.
Only build and run applications from trusted sources.

// References