ICSA-26-188-02
·
Published 2026-07-07
·
View on CISA ICS-CERT ↗
Hitachi Energy PROMOD V
CVSS 7.1
HIGH
Risk Summary
Hitachi Energy is aware of insecure HTTP transmission vulnerability in PROMOD V product versions listed in this document. This vulnerability could allow attackers to intercept or manipulate sensitive data in transit, potentially leading to credential theft, session hijacking, or unauthorized access.
CVEs (1)
Remediations
- Upgrade to version 1.0.11 and enable HTTPS on Digipede server. [2] Refer to “1.0.11 PROMOD V User Guide”, Section 2 Essential Skills->Running PROMOD V->Digipede Grid. Alternatively, refer to the same section in the online help contained in the application.
- Apply general mitigation factors
Affected Vendors
Hitachi Energy
Affected Products (1)
Hitachi Energy
·
PROMOD V
vers:PROMOD_V/<=1.0.10
Affected Sectors
Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more