[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-hitachi-energy-rtu500-firmware-flaws-expose-denialofservice-risk":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":38,"persona_id":22,"persona_name":22,"section":22,"tags":39,"sources":43,"feedback":47,"feedback_at":22,"cost_usd":47,"total_tokens":47},1005,"hitachi-energy-rtu500-firmware-flaws-expose-denialofservice-risk","Hitachi Energy RTU500 firmware flaws expose denial‑of‑service risk","Multiple CVEs in RTU500 firmware can crash the controller, and operators must upgrade to version 13.8.2.","Hitachi Energy warns that several RTU500 firmware versions are vulnerable to denial‑of‑service attacks.\n\nThe advisory lists eight CVEs affecting CMU firmware from 12.7.1 through 13.7.8. Most flaws stem from null‑pointer dereferences, integer overflow, or infinite loops in the libexpat library used by the IEC 61850 stack. Exploitation requires a privileged user to upload a malformed PKCS‑12 file or trigger malformed IEC 61850 messages, leading to crashes that can take the remote terminal unit offline. No code‑execution path is known, but the loss of availability can impact dams, power grids, and water‑treatment sites.\n\nOperators should treat the issue as a maintenance priority because an unavailable RTU can disrupt automated control loops in critical infrastructure. Updating to CMU firmware 13.8.2 (or interim 13.7.9 when it appears) patches the vulnerable libexpat code and restores normal operation.\n\nIn short, the flaws are pure availability bugs, but in environments where RTUs are the last line of defense, even a crash is a serious incident. Upgrade now or risk a preventable outage.","[\"industrial-control\",\"security\",\"firmware\"]","2026-06-04T12:00:00.000Z","2026-06-16T03:47:31.458Z","2026-06-16T03:47:38.769Z","published",null,[24,30,34],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"Add a concise concluding paragraph summarising the risk and the required action, and ensure consistent naming of the firmware (CMU) throughout.","resolved",{"id":31,"reviewer":26,"round":32,"reason":33,"status":29},"editor-r2",2,"Add a concise concluding paragraph that summarises the risk and the required action, and ensure consistent naming of the firmware (CMU) throughout.",{"id":35,"reviewer":26,"round":36,"reason":37,"status":29},"editor-r3",3,"Add a concise concluding paragraph that summarises the denial‑of‑service risk and the required upgrade action, and ensure the article ends with a clear summary sentence.","https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fhitachi-energy-rtu500-firmware-flaws-expose-denialofservice-risk.webp",[40,41,42],"industrial-control","security","firmware",[44],{"name":45,"url":46},"CISA Advisories","https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-155-04",0]