CVE-2026-7310_CVE-2026-7310

4.4 / 10

MEDIUM

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Description

A heap-based buffer overflow vulnerability exists in XML
parser functionality in the HiDraw. An authenticated
malicious user with local access can exploit this
vulnerability using a specially crafted XML file which may
lead to memory corruption and potential arbitrary code
execution. Successful exploitation could result in
application crashes (denial of service) and compromise the
confidentiality and integrity of the affected system.

Basic Information

ID CVE-2026-7310

Source Hitachi Energy

Published May 26, 2026 at 11:43

Affected Product

Vendor Hitachi Energy

Product MACH HiDraw

Version 9.0

Affected Versions Hitachi Energy MACH HiDraw 9.0

CWE Classification

CWE-122

References

publisher.hitachienergy.com /preview

{
    "lastseen": "",
    "description": "A heap-based buffer overflow vulnerability exists in XML\nparser functionality in the HiDraw. An authenticated\nmalicious user with local access can exploit this\nvulnerability using a specially crafted XML file which may\nlead to memory corruption and potential arbitrary code\nexecution. Successful exploitation could result in\napplication crashes (denial of service) and compromise the\nconfidentiality and integrity of the affected system.",
    "published": "2026-05-26T11:43:41.155Z",
    "modified": "2026-05-26T11:43:41.155Z",
    "type": "cve",
    "title": "CVE-2026-7310",
    "source": "Hitachi Energy",
    "references": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000248&LanguageCode=en&DocumentPartId=&Action=Launch",
    "id": "CVE-2026-7310",
    "bulletinFamily": "",
    "cwe": [
        "CWE-122"
    ],
    "cvelist": null,
    "sourceData": "Hitachi Energy MACH HiDraw 9.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.4,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MACH HiDraw",
    "version": "9.0",
    "vendor": "Hitachi Energy",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}