Hitachi Energy RTU TLS Connection Renegotiation Vulnerability in IEC 61850 Client and Server Functionality

Vulnerability

A vulnerability in the RTU IEC 61850 client and server functionality could affect availability. This issue arises when renegotiation of an open IEC 61850 TLS connection occurs under specific timing conditions while IEC 61850 communication is active. The vulnerability impacts the CMU where the IEC 61850 stack is configured, and requires that IEC 61850 be set up as a client or server using TLS on the affected RTU 500 device.

Impact

Exploitation of this vulnerability could lead to a denial-of-service condition, disrupting active IEC 61850 communications.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

5.9

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

5.9

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hitachi Energy RTU TLS Connection Renegotiation Vulnerability in IEC 61850 Client and Server Functionality

Vulnerability

Impact

Affected Products

Hitachi Energy RTU500

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating