CVE-2026-8479

IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable
for a NULL pointer dereferencing, if a specially crafted
sequence of messages is sent for a certain time, causing
Denial of Service impact.
Product is only affected if IEC 60870-5-104 functionality in
bidirectional mode (BCI) is configured.

More information : https://publisher.hitachienergy.com/preview?DocumentID=8DBD000252&LanguageCode=en&DocumentPartId=&Action=Launch