{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1773", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "state": "PUBLISHED", "assignerShortName": "Hitachi Energy", "dateReserved": "2026-02-02T16:28:59.394Z", "datePublished": "2026-02-24T13:13:17.990Z", "dateUpdated": "2026-02-28T02:20:00.192Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "RTU500 series CMU firmware", "vendor": "Hitachi Energy", "versions": [{"lessThanOrEqual": "12.7.7", "status": "affected", "version": "12.7.1", "versionType": "custom"}, {"lessThanOrEqual": "13.5.4", "status": "affected", "version": "13.5.1", "versionType": "custom"}, {"lessThanOrEqual": "13.6.2", "status": "affected", "version": "13.6.1", "versionType": "custom"}, {"lessThanOrEqual": "13.7.7", "status": "affected", "version": "13.7.1", "versionType": "custom"}, {"status": "affected", "version": "13.8.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame.&nbsp;Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.<br>"}], "value": "IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame.\u00a0Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation."}], "impacts": [{"capecId": "CAPEC-278", "descriptions": [{"lang": "en", "value": "CAPEC-278 Web Services Protocol Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-184", "description": "CWE-184 Incomplete List of Disallowed Inputs", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2026-02-24T13:40:55.104Z"}, "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-28T02:19:44.432868Z", "id": "CVE-2026-1773", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-28T02:20:00.192Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1773", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-28T02:19:44.432868Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-28T02:19:54.971Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-278", "descriptions": [{"lang": "en", "value": "CAPEC-278 Web Services Protocol Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hitachi Energy", "product": "RTU500 series CMU firmware", "versions": [{"status": "affected", "version": "12.7.1", "versionType": "custom", "lessThanOrEqual": "12.7.7"}, {"status": "affected", "version": "13.5.1", "versionType": "custom", "lessThanOrEqual": "13.5.4"}, {"status": "affected", "version": "13.6.1", "versionType": "custom", "lessThanOrEqual": "13.6.2"}, {"status": "affected", "version": "13.7.1", "versionType": "custom", "lessThanOrEqual": "13.7.7"}, {"status": "affected", "version": "13.8.1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame.\u00a0Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.", "supportingMedia": [{"type": "text/html", "value": "IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame.&nbsp;Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-184", "description": "CWE-184 Incomplete List of Disallowed Inputs"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2026-02-24T13:40:55.104Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1773", "state": "PUBLISHED", "dateUpdated": "2026-02-28T02:20:00.192Z", "dateReserved": "2026-02-02T16:28:59.394Z", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "datePublished": "2026-02-24T13:13:17.990Z", "assignerShortName": "Hitachi Energy"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCFA1FB7-1834-4425-9DDB-0C08140DAD4B", "versionEndIncluding": "12.7.7", "versionStartIncluding": "12.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B70918C5-85C2-40B8-8681-921942C41561", "versionEndIncluding": "13.5.4", "versionStartIncluding": "13.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "30F20A11-9ECB-4CC6-88C2-0CC96DFFABE2", "versionEndIncluding": "13.6.2", "versionStartIncluding": "13.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "199A1127-9B24-46A6-9122-30FD2EF64F32", "versionEndExcluding": "13.7.8", "versionStartIncluding": "13.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu540_firmware:13.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "4D49545F-C765-4579-89C5-01B1EBB45B36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EEFDEF0-883D-402B-9CD4-333A145E3C75", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF5BF48F-4BDF-4D38-A836-221066FA6234", "versionEndIncluding": "12.7.7", "versionStartIncluding": "12.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C75F1BB5-558A-4292-BA2B-E77D811D5E09", "versionEndIncluding": "13.5.4", "versionStartIncluding": "13.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DE20728-0C7A-4388-AA09-AC50C8AD51F9", "versionEndIncluding": "13.6.2", "versionStartIncluding": "13.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CCC0128-9A27-4F4A-B254-C0C31BDCA78B", "versionEndExcluding": "13.7.8", "versionStartIncluding": "13.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu560_firmware:13.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "B9753BCF-0BE9-4B1A-88B4-0B0DE5F623CE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:*", "matchCriteriaId": "495DCBD6-D2D1-4295-81D1-6ACA1B2CA223", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "064FFA76-2AD3-425F-B003-4D038C941E7D", "versionEndIncluding": "12.7.7", "versionStartIncluding": "12.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC2DF255-AB45-4CAE-A7BD-0B2A1B5D04D6", "versionEndIncluding": "13.5.4", "versionStartIncluding": "13.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB44D4BF-8F0F-4770-A150-A5469A262A5A", "versionEndIncluding": "13.6.2", "versionStartIncluding": "13.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "432CB425-58CC-47E2-847D-5E3FD31F8EB3", "versionEndExcluding": "13.7.8", "versionStartIncluding": "13.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu520_firmware:13.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D034F19D-920A-44DE-A886-6021242FF6E3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:*", "matchCriteriaId": "11AF93AD-200F-47A6-BA2C-F82165AFB50D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "50ECC099-2676-45CE-82DA-4A6943452976", "versionEndIncluding": "12.7.7", "versionStartIncluding": "12.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D5D8077-C84A-4821-9F89-76A0F4664927", "versionEndIncluding": "13.5.4", "versionStartIncluding": "13.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89FAF654-7F2C-4918-B074-6CB685E885D8", "versionEndIncluding": "13.6.2", "versionStartIncluding": "13.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0561AA77-CE68-4C93-8611-630FB07B507C", "versionEndExcluding": "13.7.8", "versionStartIncluding": "13.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:hitachienergy:rtu530_firmware:13.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "45F698BE-5EDF-46DF-8B1E-96AC8894AA64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC6F9377-E6BB-4DEA-9D87-0AF792CBAC57", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame.\u00a0Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation."}], "id": "CVE-2026-1773", "lastModified": "2026-02-27T18:56:20.460", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2026-02-24T14:16:22.420", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-184"}], "source": "cybersecurity@hitachienergy.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[12.7.1,12.7.7]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[13.5.1,13.5.4]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[13.6.1,13.6.2]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[13.7.1,13.7.7]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "13.8.1"}}], "enrichment": {"confidence": 83.0, "confidence_source": "matching", "scores": [{"score": 83.0, "source": "matching"}]}, "original": {"product": "RTU500 series CMU firmware", "source": "cna", "vendor": "Hitachi Energy"}, "product": "rtu500_firmware", "vendor": "hitachienergy"}], "analysis": {"en": {"generated_at": "2026-04-16T16:28:29.628255+00:00", "value": {"mitigation_remediation": ["Upgrade the firmware on all affected RTU520, RTU530, RTU540, and RTU560 units to a version that addresses the U\u2011format frame handling issue.", "If an immediate firmware update is impractical, disable the bi\u2011directional IEC\u202f60870\u20115\u2011104 mode on devices that do not require it to prevent the fault condition.", "Activate secure transmission as defined in IEC\u202f62351\u20113 to reduce the chance that malicious frames can be delivered, and monitor the IEC\u202f60870\u20115\u2011104 traffic for suspicious activity."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "This defect affects the Hitachi Energy RTU500 series CMU firmware used in RTU520, RTU530, RTU540, and RTU560 devices. All models running firmware version 13.8.1 are known to be vulnerable, as are devices operating any prior firmware that includes the same vulnerable code path.", "description_and_impact": "The vulnerability allows an attacker to cause a denial of service by sending an invalid U-format frame to a device running the Hitachi Energy RTU500 series CMU firmware that has IEC 60870-5-104 bi\u2011directional functionality enabled. The fault occurs during frame reception, leading to an indefinite hang or reset of the communication stack. This weakness is categorized as CWE\u2011184 and carries a CVSS score of 8.7, indicating a high severity.", "risk_and_exploitability": "The likelihood of exploitation is reflected in an EPSS score of less than 1\u202f%, suggesting that known exploitations are rare or limited. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog, but the high CVSS still warrants remediation. An attacker would need network access to the IEC 60870-5-104 channel and the ability to transmit malformed frames; enabling secure communication per IEC\u202f62351\u20113 mitigates the risk but does not eliminate the vulnerability."}}}}, "created": "2026-02-25T11:39:52.500681+00:00", "title": "Denial of Service via Invalid U-Format Frame in IEC 60870-5-104", "updated": "2026-04-16T16:30:15.948200+00:00", "vendors": ["hitachienergy", "hitachienergy$PRODUCT$rtu500_firmware"]}