In a significant escalation for industrial cybersecurity, a broad class of Siemens engineering software has been confirmed vulnerable to a type confusion deserialization flaw that can lead to arbitrary code execution when an attacker has local authenticated access. The issue—tracked under...