CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Hitachi Energy e-mesh EMS

criticalCVE-2026-42945
View CSAF Summary Hitachi Energy is aware of a buffer overflow vulnerability that affects e-mesh EMS product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages (denial of service) and possible arbitrary code execution. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. The following versions of Hitachi Energy e-mesh EMS are affected: Hitachi Energy e-mesh EMS 4.1.6, 4.4.2, 4.7.0 CVSS Vendor Equipment Vulnerabilities v3 8.1 Hitachi Energy Hitachi Energy e-mesh EMS Heap-based Buffer Overflow Background Critical Infrastructure Sectors: Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: Switzerland Vulnerabilities Expand All + CVE-2026-42945 NGINX Plus and NGINX Open Source used in e-mesh EMS have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. e-mesh EMS versions using NGINX v1.30.0 and below are affected. View CVE Details Affected Products Hitachi Energy e-mesh EMS Vendor: Hitachi Energy Product Version: e-mesh EMS versions 4.1.6, e-mesh EMS versions 4.4.2, e-mesh EMS versions 4.7.0 Product Status: known_affected Remediations Vendor fix Apply hotfix for respective e-mesh EMS versions to update NGINX to either v1.30.2 or latest Mitigation Ensure rewrite configuration does

CSIRTS triage

What
A buffer overflow vulnerability could lead to application outages and arbitrary code execution.
Who is affected
Deployments of e-mesh EMS versions 4.1.6, 4.4.2, and 4.7.0 worldwide.
Urgency
Remediation is critical due to the high CVSS score and potential for severe impact.
Action
Apply the recommended immediate actions for mitigation or remediation.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch e-mesh EMS

Get an email when a new e-mesh EMS advisory drops — max one per day, one-click unsubscribe.

Details

Source
CISA Cybersecurity Advisories (US · national-cert · site)
Severity
critical
Published
2026-07-07
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-03

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-42945coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from CISA Cybersecurity Advisories