VDB
ICSA-26-062-03
ICSA-26-062-03
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. Successful exploitation of these vulnerabilities can result in the exposure of low-value user management information and device outage. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| RTU500 series CMU Firmware version 13.8.1 | ||
| RTU500 series CMU Firmware version 13.5.1 through 13.5.4 | ||
| RTU500 series CMU Firmware version 12.7.1 through 12.7.7 | ||
| RTU500 series CMU Firmware version 13.6.1 through 13.6.2 | ||
| RTU500 series CMU Firmware version 13.7.1 through 13.7.7 |
Exploit Intelligence
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-062-03.json (circl)
- https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=launch (circl)
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-062-03 (circl)
- https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01 (circl)
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices (circl)
- https://www.cisa.gov/topics/industrial-control-systems (circl)
- https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf (circl)
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf (circl)
- https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b (circl)
Timeline
- Feb 24, 2026 CVE Published
- Mar 3, 2026 CVE Updated
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-062-03.json advisory
- https://publisher.hitachienergy.com/preview?DocumentID=8DBD000237&LanguageCode=en&DocumentPartId=&Action=launch advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-062-03 advisory
- https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b url