CVE-2026-2459
CWE-267Published: February 24, 2026· Updated: Feb 26, 2026
Official Description
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so.
Technical Analysis
CVE-2026-2459 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
A successful exploit results in complete confidentiality breach (data exposure), full integrity compromise (data manipulation), with a CVSS base score of 8.1.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
Official Patches & Advisories
News & Research Mentioning CVE-2026-2459
View CSAF Summary Hitachi Energy is aware of vulnerabilities that affect the Relion REB500 product versions listed in this document. Authenticated users with certain roles can exploit the vulnerabilities to access and modify the directory contents they are not authorized to do so. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. The following versions of Hitachi Energy Relion REB500 Product are affected: Relion REB500 vers:Relion_REB500/<=8.3.3.0 (CVE-2026-2459, CVE-2026-2460) CVSS Vendor Equipment Vulnerabilities v3 6.8 Hitachi Energy Hitachi Energy Relion REB500 Product Privilege Defined With Unsafe Actions Background Critical Infrastructure Sectors: Energy Countries/Areas Deployed: Worldwide Compa [xlite_meta score:73 src:CISA Alerts xlite_fp:01f9ac337cc7afeaccdb785798646847715b3ec06a0e0ff9c6ccdd40afcc708b]
All References (1)
Quick Facts
Known Threat Actors
Related CVEs (CWE-267)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-2459 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts