Refine your search
1 vulnerability found for SuprOS by Hitachi Energy
CVE-2025-7740 (GCVE-0-2025-7740)
Vulnerability from cvelistv5
Published
2026-01-28 09:02
Modified
2026-01-28 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1392 - Use of Default Credentials
Summary
Default credentials vulnerability exists in SuprOS
product. If exploited, this could allow an authenticated
local attacker to use an admin account created during
product deployment.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hitachi Energy | SuprOS |
Version: 9.0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-28T16:32:14.188387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T16:32:25.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SuprOS",
"vendor": "Hitachi Energy",
"versions": [
{
"lessThanOrEqual": "9.2.2.0",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2026-01-27T13:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Default credentials vulnerability exists in SuprOS\nproduct. If exploited, this could allow an authenticated\nlocal attacker to use an admin account created during\nproduct deployment.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Default credentials vulnerability exists in SuprOS\nproduct. If exploited, this could allow an authenticated\nlocal attacker to use an admin account created during\nproduct deployment."
}
],
"impacts": [
{
"capecId": "CAPEC-70",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-70 Try Common or Default Usernames and Passwords"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392 Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T09:02:21.430Z",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000223\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Use of default credentials vulnerability in Hitachi Energy SuprOS product",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2025-7740",
"datePublished": "2026-01-28T09:02:21.430Z",
"dateReserved": "2025-07-17T06:26:51.973Z",
"dateUpdated": "2026-01-28T16:32:25.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}