Hitachi Energy warns that several RTU500 firmware versions are vulnerable to denial‑of‑service attacks.
The advisory lists eight CVEs affecting CMU firmware from 12.7.1 through 13.7.8. Most of the flaws are null‑pointer dereferences, integer overflows, or infinite loops in the libexpat library used by the IEC 61850 stack. Triggering them requires a privileged user to upload a malformed PKCS‑12 file or to feed malformed IEC 61850 messages to the unit; the result is a crash that can take the remote terminal unit offline. No code‑execution path is known, but the loss of availability can affect dams, power grids, and water‑treatment sites.
Operators should treat the issue as a maintenance priority because an unavailable RTU can disrupt automated control loops in critical infrastructure. Updating to CMU firmware 13.8.2 (or the interim 13.7.9 release when it appears) replaces the vulnerable libexpat code and restores normal operation. Because the reported trigger conditions involve privileged accounts and IEC 61850 traffic, limiting who holds those accounts and where that traffic can originate narrows exposure until the update is applied.
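The first practical step for an operator is to find which units fall inside the affected range. The script below is an added example, not Hitachi Energy tooling and not taken from the advisory: it takes the version boundaries exactly as the article states them (12.7.1 through 13.7.8 affected; 13.7.9 and 13.8.2 fixed) and sorts a fleet inventory into affected, fixed, unknown, and invalid buckets. The inventory rows are constructed, the assumption that CMU firmware reports as a dotted major.minor.patch string is mine, and treating anything newer than 13.8.2 (or newer than 13.7.9 on the 13.7 line) as fixed is an assumption the article only implies.

```python
"""Triage a CMU firmware inventory against the RTU500 advisory ranges.

Added example, not Hitachi Energy tooling. Version boundaries come from the
article; inventory rows are constructed; the dotted "major.minor.patch"
format and the "anything newer than the fix is fixed" rule are assumptions.
"""
from __future__ import annotations

# Boundaries as stated in the article, as comparable integer tuples.
AFFECTED_LOW = (12, 7, 1)    # first affected release
AFFECTED_HIGH = (13, 7, 8)   # last affected release
FIX_13_7_LINE = (13, 7, 9)   # interim fix on the 13.7 line
FIX_MAINLINE = (13, 8, 2)    # recommended fixed release


def parse_version(text: str) -> tuple[int, int, int]:
    """Turn 'major.minor.patch' into an integer tuple.

    Tuples compare numerically, so 13.7.10 sorts after 13.7.9 (a plain string
    comparison would get that wrong). Anything that is not three dot-separated
    integers raises ValueError so a bad inventory row is flagged, not ignored.
    """
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised CMU version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def classify(version: str) -> str:
    """Return 'affected', 'fixed', or 'unknown' for one CMU firmware version.

    'unknown' covers releases the article does not address: anything older
    than 12.7.1, and the gap between 13.7.8 and 13.8.2 that is not on the
    13.7 line (for example 13.8.0).
    """
    v = parse_version(version)
    if AFFECTED_LOW <= v <= AFFECTED_HIGH:
        return "affected"
    on_13_7_line = v[:2] == (13, 7)
    # Assumption: releases at or beyond the fixed versions carry the fix.
    if (on_13_7_line and v >= FIX_13_7_LINE) or v >= FIX_MAINLINE:
        return "fixed"
    return "unknown"


# Constructed inventory: hostname,CMU firmware version (one unit per line).
INVENTORY = """\
rtu-dam-01,12.7.1
rtu-dam-02,13.7.8
rtu-grid-07,13.7.9
rtu-water-03,13.8.2
rtu-water-04,12.6.9
rtu-grid-08,13.8.0
rtu-legacy-01,13.7
"""


def triage(csv_text: str) -> dict[str, list[str]]:
    """Group hostnames by classification; unparsable rows land in 'invalid'."""
    groups: dict[str, list[str]] = {
        "affected": [], "fixed": [], "unknown": [], "invalid": [],
    }
    for line in csv_text.splitlines():
        if not line.strip():
            continue
        host, _, ver = line.partition(",")
        try:
            groups[classify(ver)].append(host)
        except ValueError:
            groups["invalid"].append(host)
    return groups


if __name__ == "__main__":
    for bucket, hosts in triage(INVENTORY).items():
        print(f"{bucket:9s} {', '.join(hosts) or '-'}")
```

The "unknown" and "invalid" buckets are deliberate: a unit running 13.8.0 is neither in the stated affected range nor at the stated fix level, and a malformed version string should prompt a manual check rather than quietly pass as patched.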
In short, the flaws are pure availability bugs, but in environments where RTUs are the last line of defense, even a crash is a serious incident. Upgrade now or risk a preventable outage.
