Hitachi Energy HiDraw Heap-Based Buffer Overflow Vulnerability in XML Parser Allowing Arbitrary Code Execution
Vulnerability
A heap-based buffer overflow vulnerability has been identified in the XML parsing functionality of Hitachi Energy's HiDraw application. An authenticated malicious user with local access can exploit it using a specially crafted XML file. Exploitation may lead to memory corruption, with the potential for arbitrary code execution. Successful exploitation could also crash the application, resulting in a denial-of-service condition, and compromise the confidentiality and integrity of the affected system.
Impact
Exploitation of this vulnerability could lead to memory corruption, allowing for arbitrary code execution. It may also cause application crashes, creating a denial-of-service condition, and compromise the confidentiality and integrity of the affected system.
