industrial cybersecurity

Siemens’ ProductCERT has republished a high‑risk advisory: a heap‑based buffer overflow in the third‑party WIBU Systems CodeMeter Runtime (root cause: a vulnerable libcurl SOCKS5 handshake, CVE‑2023‑38545) is present inside several Desigo CC product family builds and the Desigo CC‑based SENTRON...

Siemens has disclosed a cluster of high‑impact vulnerabilities in its COMOS engineering platform that, taken together, create multiple realistic attack paths — from sensitive information disclosure and cross‑site scripting to remote code execution and denial‑of‑service — and the vendor and...

Siemens has warned that the Webhooks implementation in recent releases of Siveillance Video Management Servers contains a missing-authorization flaw that lets an authenticated user with only read-only privileges escalate to full control of the product’s Webhooks API — a configuration and...

Siemens has released an urgent security update for Solid Edge after researchers discovered an out‑of‑bounds read in the PS/IGES Parasolid Translator that can be triggered by specially crafted IGS files — a flaw Siemens tracks as CVE‑2025‑40936 — and the vendor is urging all customers to update...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged the ZLAN Information Technology Co. ZLAN5143D serial-to-Ethernet gateway — specifically firmware v1.600 — as affected by two high-severity weaknesses that allow an attacker to bypass authentication or reset device...

Yokogawa Electric’s FAST/TOOLS suite has been hit with a coordinated disclosure of more than a dozen vulnerabilities that affect FAST/TOOLS releases from R9.01 through R10.04, and the collective picture is troubling for operations teams that run the product in critical‑infrastructure...

Mitsubishi Electric’s MELSEC iQ‑R family has a new, high‑severity vulnerability that demands immediate attention from OT teams and Windows‑based engineering hosts that manage programmable logic controllers (PLCs). The flaw, tracked as CVE‑2025‑15080, allows an unauthenticated remote actor to...

A newly disclosed memory-safety bug in the open-source OPC UA stack open62541 — tracked as CVE-2026-1301 — has been flagged by U.S. cyber authorities as a medium-severity vulnerability that can be triggered before authentication and that reliably causes process crashes and heap corruption in...

A cluster of vulnerabilities affecting AutomaapplicationDirect’s CLICK PLUS family has put hundreds of engineering projects and live control systems at elevated risk: exposed credentials in project files, weak or hard-coded cryptography in firmware, and autwhorization and resource-handling...

Siemens has published a security advisory confirming two medium‑to‑high severity vulnerabilities in SINEC Security Monitor that affect all releases prior to V4.10.0, and operators are urged to update to V4.10.0 or later immediately to eliminate both the authorization bypass in the ssmctl-client...

Siemens has warned that a flaw in the way several SIMATIC and SIPLUS ET 200 devices handle S7 protocol session disconnects can be weaponized to cause a denial‑of‑service (DoS) condition: a properly formed S7 Disconnect Request (a COTP DR TPDU) sent to TCP port 102 may push the device into an...

Rockwell Automation’s FactoryTalk DataMosaix Private Cloud contains a high‑severity SQL injection vulnerability that lets low‑privilege users perform sensitive database operations through exposed API endpoints — a flaw assigned CVE‑2025‑12807 with a CVSS v3.1 base score of 8.8 (CVSS v4 ≈ 8.7)...

Rockwell Automation has confirmed a high‑severity denial‑of‑service vulnerability in the GuardLink EtherNet/IP interface on its 432ES‑IG3 Series A safety module (CVE‑2025‑9368), a flaw that can render the module unresponsive over the network and requires a manual power cycle to restore service —...

CISA has published an Industrial Control Systems advisory that consolidates vendor fixes and concrete mitigation guidance for a deserialization vulnerability in Schneider Electric’s EcoStruxure Power Monitoring Expert (PME), tracked as CVE-2024-9005, and operators running PME 2022 and earlier...

Rockwell Automation has published an urgent advisory after internal fuzz-testing uncovered two controller defects that can crash or fault Micro800-series devices: an IPv6 stack fault that produces recoverable controller faults (CVE-2025-13823) and a malformed-CIP handling flaw that can drive...

A critical remote-code and information‑exposure risk has been disclosed in the software keyboard (“keypad”) function used by ICONICS GENESIS64, ICONICS Suite, MobileHMI and Mitsubishi Electric’s MC Works64 — a flaw that can allow an attacker to force execution of arbitrary EXE files when a...

Siemens has disclosed a serious vulnerability in the Interniche TCP/IP stack that underpins networking in a broad array of industrial devices and controllers; the flaw (tracked as CVE‑2025‑40820) can allow an unauthenticated remote attacker who can inject spoofed IP packets at precisely timed...

Schneider Electric has confirmed that its EcoStruxure Foxboro DCS Advisor service is affected by a critical Microsoft Windows Server Update Services (WSUS) vulnerability — tracked as CVE‑2025‑59287 — and operators must prioritize out‑of‑band WSUS patches and layered mitigations to avoid a...

AzeoTech’s DAQFactory has been the subject of a high‑severity industrial control systems (ICS) advisory: multiple memory‑safety and parsing flaws in DAQFactory Release 20.7 (Build 2555) and earlier can be triggered by specially crafted project files (.ctl), and the vendor has released a...

A high‑severity Man‑in‑the‑Middle (MitM) weakness in Siemens’ IAM client has been publicly disclosed and tracked as CVE‑2025‑40800: the client omits proper server certificate validation when establishing TLS connections to Siemens’ authorization servers, creating an exploitable channel for...