CVE-2026-2460

High CVSS: 7.6

A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so.

Vendor

Hitachienergy

Product

Reb500 Firmware

CWE

CWE-267

Yayın Tarihi

2026-02-24 14:16:23

Güncelleme

2026-02-26 18:04:30

Source Identifier

cybersecurity@hitachienergy.com

KEV Date Added

Kategoriler

CWE-267 Reb500 Firmware HIGH Hitachienergy 2026

Referanslar

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000217&LanguageCode=en&DocumentPartId=&Action=Launch

Benzer Kayıtlar

High

CVE-2026-2459

A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of direc…

Medium

CVE-2026-1772

RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via…

High

CVE-2026-1773

IEC 60870-5-104: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if…

High

CVE-2025-39205

A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol a…

Medium

CVE-2025-39201

A vulnerability exists in MicroSCADA X SYS600 product. If exploited this could allow a local unauthenticated attacker to…

High

CVE-2025-39202

A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with lo…