PT-2026-21677 · Unknown · Iec 60870-5-104
Published
2026-02-24
·
Updated
2026-03-01
·
CVE-2026-1773
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
IEC 60870-5-104 (affected versions not specified)
Description
The software may experience a denial of service when receiving invalid U-format frames. The issue affects products only if the IEC 60870-5-104 bi-directional functionality is configured. While enabling secure communication following IEC 62351-3 does not resolve the issue, it can reduce the risk of exploitation.
Recommendations
Configure the bi-directional function carefully.
Enable secure communication following IEC 62351-3 to mitigate the risk of exploitation.
Fix
DoS
RCE
Incomplete List of Disallowed Inputs
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Iec 60870-5-104