Medium severityNVD Advisory· Published May 26, 2026· Updated May 26, 2026
CVE-2026-8479
CVE-2026-8479
Description
IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode (BCI) is configured.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
2- Hitachi Discloses Six CVEs Across Pentaho, RTU500, Ops Center, and HiDraw ProductsVypr Intelligence · May 27, 2026
- Hitachi Energy RTU500CISA ICS Advisories