Hitachi Energy RTU500 Firmware Vulnerabilities Identified
🔒 Hitachi Energy disclosed multiple vulnerabilities in the RTU500 series CMU firmware that may reveal limited user-management data or cause device outages. The issues span improper permission handling, input validation gaps, uncontrolled recursion, and unbounded memory allocation, with CVSS scores up to 7.5. Vendor fixes are available — update to CMU Firmware 12.7.8, 13.7.8 (or later), or 13.8.2 as applicable — and apply recommended network mitigations until devices are patched.
