8.7

CVE-2026-1773

IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HitachienergyRtu540 Firmware Version >= 12.7.1 <= 12.7.7
   HitachienergyRtu540 Version-
HitachienergyRtu540 Firmware Version >= 13.5.1 <= 13.5.4
   HitachienergyRtu540 Version-
HitachienergyRtu540 Firmware Version >= 13.6.1 <= 13.6.2
   HitachienergyRtu540 Version-
HitachienergyRtu540 Firmware Version >= 13.7.1 < 13.7.8
   HitachienergyRtu540 Version-
HitachienergyRtu540 Firmware Version13.8.1
   HitachienergyRtu540 Version-
HitachienergyRtu560 Firmware Version >= 12.7.1 <= 12.7.7
   HitachienergyRtu560 Version-
HitachienergyRtu560 Firmware Version >= 13.5.1 <= 13.5.4
   HitachienergyRtu560 Version-
HitachienergyRtu560 Firmware Version >= 13.6.1 <= 13.6.2
   HitachienergyRtu560 Version-
HitachienergyRtu560 Firmware Version >= 13.7.1 < 13.7.8
   HitachienergyRtu560 Version-
HitachienergyRtu560 Firmware Version13.8.1
   HitachienergyRtu560 Version-
HitachienergyRtu520 Firmware Version >= 12.7.1 <= 12.7.7
   HitachienergyRtu520 Version-
HitachienergyRtu520 Firmware Version >= 13.5.1 <= 13.5.4
   HitachienergyRtu520 Version-
HitachienergyRtu520 Firmware Version >= 13.6.1 <= 13.6.2
   HitachienergyRtu520 Version-
HitachienergyRtu520 Firmware Version >= 13.7.1 < 13.7.8
   HitachienergyRtu520 Version-
HitachienergyRtu520 Firmware Version13.8.1
   HitachienergyRtu520 Version-
HitachienergyRtu530 Firmware Version >= 12.7.1 <= 12.7.7
   HitachienergyRtu530 Version-
HitachienergyRtu530 Firmware Version >= 13.5.1 <= 13.5.4
   HitachienergyRtu530 Version-
HitachienergyRtu530 Firmware Version >= 13.6.1 <= 13.6.2
   HitachienergyRtu530 Version-
HitachienergyRtu530 Firmware Version >= 13.7.1 < 13.7.8
   HitachienergyRtu530 Version-
HitachienergyRtu530 Firmware Version13.8.1
   HitachienergyRtu530 Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.326
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cybersecurity@hitachienergy.com 8.7 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-184 Incomplete List of Disallowed Inputs

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch
Vendor Advisory