CVE-2026-1773

IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:hitachienergy:rtu540_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu540_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu540_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu540_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu540_firmware:13.8.1:::::::*

cpe:2.3:h:hitachienergy:rtu540:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:hitachienergy:rtu560_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu560_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu560_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu560_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu560_firmware:13.8.1:::::::*

cpe:2.3:h:hitachienergy:rtu560:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:hitachienergy:rtu520_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu520_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu520_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu520_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu520_firmware:13.8.1:::::::*

cpe:2.3:h:hitachienergy:rtu520:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:hitachienergy:rtu530_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu530_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu530_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu530_firmware::::::::
	cpe:2.3:o:hitachienergy:rtu530_firmware:13.8.1:::::::*

cpe:2.3:h:hitachienergy:rtu530:-:*:*:*:*:*:*:*

History

27 Feb 2026, 18:56

Type	Values Removed	Values Added
CPE		cpe:2.3:o:hitachienergy:rtu560_firmware:::::::: cpe:2.3:o:hitachienergy:rtu530_firmware:::::::: cpe:2.3:h:hitachienergy:rtu520:-:::::::* cpe:2.3:o:hitachienergy:rtu540_firmware:::::::: cpe:2.3:o:hitachienergy:rtu520_firmware:13.8.1:::::::* cpe:2.3:o:hitachienergy:rtu530_firmware:13.8.1:::::::* cpe:2.3:h:hitachienergy:rtu560:-:::::::* cpe:2.3:h:hitachienergy:rtu540:-:::::::* cpe:2.3:o:hitachienergy:rtu520_firmware:::::::: cpe:2.3:o:hitachienergy:rtu560_firmware:13.8.1:::::::* cpe:2.3:o:hitachienergy:rtu540_firmware:13.8.1:::::::* cpe:2.3:h:hitachienergy:rtu530:-:::::::*
References	~~() https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch -~~	() https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
First Time		Hitachienergy rtu530 Firmware Hitachienergy Hitachienergy rtu560 Firmware Hitachienergy rtu540 Hitachienergy rtu520 Firmware Hitachienergy rtu560 Hitachienergy rtu540 Firmware Hitachienergy rtu530 Hitachienergy rtu520

24 Feb 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-24 14:16

Updated : 2026-02-27 18:56

NVD link : CVE-2026-1773

Mitre link : CVE-2026-1773

CVE.ORG link : CVE-2026-1773

JSON object : View

Products Affected

hitachienergy

rtu530_firmware
rtu560
rtu530
rtu520
rtu540
rtu520_firmware
rtu540_firmware
rtu560_firmware

CWE

CWE-184

Incomplete List of Disallowed Inputs

7.5 /10