Hitachi Energy RTU500 Web Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the RTU500 web server component. This issue can disrupt the RTU500 CMU application by exploiting a WebSocket connection with a specially crafted message sequence. The vulnerability requires proper authentication and the test mode function of RTU500 to be enabled. If successfully exploited, the affected CMU will automatically recover from the disruption.

Impact

Exploitation of this vulnerability causes a denial-of-service condition on the RTU500 CMU application, although the application automatically recovers after the disruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

4.5

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

4.5

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hitachi Energy RTU500 Web Server Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

Hitachi Energy RTU500

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating