THE CISA advisory (ICSA-26-155-04) announces vulnerabilities in Hitachi Energy's RTU500 products, specifically within certain firmware versions. If exploited, these vulnerabilities can lead to denial of service, impacting system availability, confidentiality, and integrity. The affected versions range from RTU500 series CMU Firmware 12.7.1 to 13.8.1, with CVEs including CVE-2025-69421 and CVE-2026-24515 noted for issues like NULL pointer dereference and integer overflow.
Users are advised to update to CMU Firmware version 13.8.2 for remediation and to implement recommended security practices to mitigate risks. The document also provides detailed CVSS scores, affected product statuses, and links to related advisories.