CVE-2026-1773
7.5 HIGHIEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame
Published: 2026-02-24 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-184
Affected products
| Vendor | Product |
|---|---|
| hitachienergy | rtu520_firmware, rtu530_firmware, rtu540_firmware |
Description
IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-53864 — OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js contr... (8.1 HIGH)
- CVE-2026-53861 — OpenClaw before 2026.5.6 contains an allowlist bypass vulnerability in the macOS Swift exec feature that misses combined POSIX inline-com... (6.6 MEDIUM)
- CVE-2026-53855 — OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks ... (8.1 HIGH)
- CVE-2026-53848 — OpenClaw before 2026.5.26 contains an exec allowlist bypass vulnerability allowing authenticated operators to execute wrapper-level side ... (4.3 MEDIUM)
- CVE-2026-53836 — OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to exec... (8.8 HIGH)