Rtu500 series cmu firmware

This hub aggregates every CVE we track for Rtu500 series cmu firmware, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 9 most recently published vulnerabilities affecting Rtu500 series cmu firmware.

• CVE-2026-8479IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Servic...6.5May 26, 2026
• CVE-2026-1773IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. E...7.5Feb 24, 2026
• CVE-2026-1772RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user interface but requires further tools like browser develop...5.3Feb 24, 2026
• CVE-2024-2617A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature was not enabled on all CMUs of a RTU500. If a malicious a...7.2Apr 30, 2024
• CVE-2024-1532A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty stri...6.8Mar 27, 2024
• CVE-2024-1531A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could print random memory content in the RTU500 system log, ...8.2Mar 27, 2024
• CVE-2022-2081A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by ...7.5Jan 4, 2024
• CVE-2023-6711Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not...5.9Dec 19, 2023
• CVE-2022-28613Specially Crafted Modbus TCP Packet Vulnerability in RTU500 series7.5May 2, 2022