Skip to main content

Rtu500 Series Cmu Firmware

1 CVEs product

Monthly

CVE-2026-8479 MEDIUM CISA This Month

NULL pointer dereference in Hitachi Energy RTU500 series CMU Firmware allows an adjacent low-privileged attacker to crash the IEC 60870-5-104 communication process by sending a specially crafted sequence of messages over time, resulting in a Denial of Service on the RTU device. Exploitation is gated behind a non-default configuration - only deployments with bidirectional communication interface (BCI) mode enabled are affected. No public exploit exists and EPSS places exploitation probability at 0.02% (7th percentile), consistent with the specialized OT/ICS context, adjacency requirement, and SSVC confirmation of no known active exploitation.

Denial Of Service Null Pointer Dereference Rtu500 Series Cmu Firmware
NVD
CVSS 4.0
6.9
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM This Month

NULL pointer dereference in Hitachi Energy RTU500 series CMU Firmware allows an adjacent low-privileged attacker to crash the IEC 60870-5-104 communication process by sending a specially crafted sequence of messages over time, resulting in a Denial of Service on the RTU device. Exploitation is gated behind a non-default configuration - only deployments with bidirectional communication interface (BCI) mode enabled are affected. No public exploit exists and EPSS places exploitation probability at 0.02% (7th percentile), consistent with the specialized OT/ICS context, adjacency requirement, and SSVC confirmation of no known active exploitation.

Denial Of Service Null Pointer Dereference Rtu500 Series Cmu Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy