CVE-2026-1773

Published: Feb 24, 2026

Modified: May 27, 2026

PUBLISHED

Description

IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.

Vendor	Product	Versions
Hitachi Energy	RTU500 series CMU firmware	affected `12.7.1 - <= 12.7.7` affected `13.5.1 - <= 13.5.4` affected `13.6.1 - <= 13.6.2` affected `13.7.1 - <= 13.7.7` affected `13.8.1`

Weaknesses (CWE)

CWE-184

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-1773

Description

Affected Products

Weaknesses (CWE)

References