← Back to home
ICSA-26-155-04  ·  Published 2026-06-04  ·  View on CISA ICS-CERT ↗

Hitachi Energy RTU500

CVSS 7.8 HIGH

Risk Summary

Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. If exploited, these vulnerabilities primarily impact product availability, with potential secondary impacts on confidentiality and integrity. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.

CVEs (7)

Remediations

  • Update to CMU Firmware version 13.8.2
  • Follow general mitigation factors/workarounds
  • Update to CMU Firmware version 13.7.9 (when available) or 13.8.2
  • Update to CMU Firmware version 13.7.8

Affected Vendors

Hitachi Energy

Affected Products (6)

Hitachi Energy · RTU500 series CMU Firmware vers:RTU500_series_CMU_Firmware/>=12.7.1|<=12.7.7
Hitachi Energy · RTU500 series CMU Firmware vers:RTU500_series_CMU_Firmware/>=13.5.1|<=13.5.4
Hitachi Energy · RTU500 series CMU Firmware vers:RTU500_series_CMU_Firmware/>=13.6.1|<=13.6.3
Hitachi Energy · RTU500 series CMU Firmware vers:RTU500_series_CMU_Firmware/>=13.7.1|<=13.7.8
Hitachi Energy · RTU500 series CMU Firmware 13.8.1
Hitachi Energy · RTU500 series CMU Firmware vers:RTU500_series_CMU_Firmware/>=13.7.1|<=13.7.7

Affected Sectors

Dams, Energy, Water and Wastewater

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more