CVE-2026-10763

HIGH

Hitachi Energy Promod V < 1.0.10 - Reliance on HTTP instead of HTTPS

Title source: rule
STIX 2.1

Description

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server.

Scores

CVSS v4 7.0
EPSS 0.0035
EPSS Percentile 26.7%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-1428
Status published
Products (1)
Hitachi Energy/PROMOD V 1.0.0 - 1.0.10
Published Jun 30, 2026
Tracked Since Jun 30, 2026