CVE-2025-2500: A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain...

9.1 CVSS

Description

A vulnerability exists in the SOAP Web services of the Asset
Suite versions listed below. If successfully exploited, an attacker
could gain unauthorized access to the product and the time window of a possible password attack could be expanded.

Classification

CVE ID: CVE-2025-2500

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.1

CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Problem Types

CWE-256

Affected Products

Vendor: Hitachi Energy

Product: Asset Suite

References

https://nvd.nist.gov/vuln/detail/CVE-2025-2500
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212&LanguageCode=en&DocumentPartId=&Action=Launch

Timeline

2025-05-30 13:40:21 UTC
CVE

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain...