Hitachi Energy RTU500 CMU Restart Vulnerability in IEC 60870-4-104 Controlled Station Functionality

Vulnerability

A vulnerability in the RTU500 series' IEC 60870-4-104 controlled station functionality allows an authenticated and authorized attacker to restart the Central Management Unit (CMU). This issue arises when certificates are updated while active connections are in use. If successfully exploited, the affected CMU will automatically recover from the restart.

Impact

Exploitation of this vulnerability allows for a controlled restart of the Central Management Unit, causing temporary disruption of services managed by the CMU.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

4.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

4.5

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hitachi Energy RTU500 CMU Restart Vulnerability in IEC 60870-4-104 Controlled Station Functionality

Vulnerability

Impact

Affected Products

Hitachi Energy RTU500

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating