VDB
CVE-2026-1773
CVE-2026-1773
PUBLISHED
CVSS 8.699999809265137 HIGH
IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates the risk of exploitation.
EPSS 0.03% · 8.0th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.03%
8.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| hitachienergy | rtu530_firmware | 13.5.1, 13.6.1, 13.8.1 |
| hitachienergy | rtu520_firmware | 13.7.1, 13.8.1, 13.6.1 |
| hitachienergy | rtu560_firmware | 12.7.1, 12.7.1, 13.5.1 |
| Hitachi Energy | RTU500 series CMU firmware | 13.5.1, 12.7.1, 13.6.1 |
| hitachienergy | rtu540_firmware | 13.8.1, 13.7.1, 13.6.1 |
Exploit Intelligence
- CIRCL seen: CVE-2026-1773 (circl-sighting)
- CIRCL seen: CVE-2026-1773 (circl-sighting)
- https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
Timeline
- Feb 2, 2026 CVE ID Reserved
- Feb 24, 2026 CVE Published
- Feb 24, 2026 PoC Published
- Feb 25, 2026 EPSS Score
- Feb 27, 2026 EPSS Score
- Feb 28, 2026 EPSS Score
- Mar 2, 2026 EPSS Score
- Mar 3, 2026 EPSS Score
- Mar 3, 2026 PoC Published
- Mar 5, 2026 EPSS Score
- Mar 6, 2026 EPSS Score
- Mar 8, 2026 EPSS Score