ics security

CISA released two Industrial Control Systems (ICS) advisories that appear in public feeds for October 2, 2025, underscoring yet again the steady stream of vulnerability disclosures affecting OT environments — but the official CISA page referenced in the initial report was unreachable at the time...

CISA’s release of six Industrial Control Systems advisories on September 23, 2025, spotlights a fresh wave of vulnerabilities affecting widely deployed PLCs, RTUs, and gateway devices from AutomationDirect, Mitsubishi Electric, Schneider Electric, Viessmann (Vitogate 300), and Hitachi Energy — a...

Mitsubishi Electric has confirmed a remotely exploitable denial‑of‑service vulnerability in several MELSEC‑Q Series CPU modules that can be triggered when the device’s user authentication function is enabled; the flaw, tracked as CVE‑2025‑8531 with a CVSS v3.1 base score of 6.8, is caused by...

Hitachi Energy’s Service Suite is the subject of a high‑severity security advisory republished by vendor PSIRT and reflected in government guidance: a deserialization flaw tied to Oracle WebLogic (CVE‑2020‑2883) is implicated in the Service Suite advisory, and the combined risk profile is rated...

Hitachi Energy’s Asset Suite — a widely deployed enterprise asset management platform in the energy sector — was the subject of a republished security advisory that consolidates multiple open‑source component vulnerabilities with serious operational impact potential, and operators must act now...

Schneider Electric has published coordinated advisories describing two OS command injection flaws in the BLMon monitoring console used by Saitel DR and Saitel DP Remote Terminal Units (RTUs), vulnerabilities that allow authenticated console users to inject and execute arbitrary shell commands...

Delta Electronics’ DIALink — a widely used industrial automation server — is the subject of a coordinated vulnerability disclosure that identifies two directory‑traversal / authentication‑bypass flaws (CVE‑2025‑58320 and CVE‑2025‑58321) affecting DIALink versions V1.6.0.0 and earlier, and urges...

Siemens and upstream OpenSSL vulnerabilities that allow out-of-bounds reads — tracked under CVE-2021-3712 — remain a live operational risk across dozens of Siemens industrial networking, communications, and automation products; Siemens has published ProductCERT guidance and fixes for many...

India’s digital backbone is far more entangled with US‑headquartered software, cloud and platform providers than most policymakers acknowledge — and that entanglement now reads as a strategic vulnerability that must be addressed if New Delhi wants meaningful digital sovereignty by 2030...

Siemens has published a high‑severity ProductCERT advisory (SSA‑722410) describing multiple remotely exploitable vulnerabilities in its User Management Component (UMC), including a stack‑based buffer overflow that Siemens scores as critical and three separate out‑of‑bounds read issues that can...

Siemens and U.S. cyber authorities have republished a focused advisory addressing two low‑severity but operationally meaningful vulnerabilities in SINEC OS that affect the RUGGEDCOM RST2428P (6GK6242‑6PA00); the immediate mitigation is straightforward (block discovery UDP ports) but the broader...

Siemens has confirmed a vulnerability in its APOGEE PXC and TALON TC building automation devices that allows an unauthenticated remote actor to retrieve sensitive files — including the device’s encrypted database — over BACnet, a widely used building automation protocol, a weakness now tracked...

A newly republished advisory from CISA and Rockwell Automation raises urgent operational and security flags for organizations using the CompactLogix® 5480 controller family: the devices running specific Windows packages are affected by a Missing Authentication for Critical Function vulnerability...

Honeywell’s OneWireless Wireless Device Manager (WDM) has been the subject of a high-severity coordinated disclosure: multiple vulnerabilities in the Control Data Access (CDA) component allow remote attackers to cause information disclosure, denial-of-service, and, in the worst cases, remote...

Mitsubishi Electric’s MELSEC iQ‑F family of CPU modules has been formally flagged with a network‑accessible vulnerability that allows unauthenticated remote actors to read and write device values — and in some deployments to halt program execution — because the affected product’s Modbus/TCP...

Schneider Electric has acknowledged a high-severity vulnerability in its Modicon M340 family and several M340 communication modules that can be triggered remotely by a specially crafted FTP command and may cause a denial-of-service condition; the flaw was assigned CVE‑2025‑6625 and carries a...

The Colonial Pipeline blackout of May 2021 remains a cautionary touchstone: ransomware that began in corporate IT cascaded into physical shortages and public alarm, a stark demonstration that operational technology (OT) insecurity costs more than data — it can disrupt energy, water, food and...

Siemens’ RUGGEDCOM APE1808 appliances carry high‑risk management‑plane vulnerabilities that can let an authenticated administrator—or an attacker who gains elevated credentials—execute arbitrary operating‑system commands and escalate local service privileges, creating a significant threat to...

A critical local privilege‑escalation flaw has been disclosed in Rockwell Automation’s FactoryTalk ViewPoint (versions 14.00 and prior) that allows an attacker with local access to escalate to SYSTEM by abusing Windows MSI repair behavior — the issue is tracked as CVE‑2025‑7973 and has been...

Siemens' widely deployed use of Wibu-Systems CodeMeter Runtime has again drawn scrutiny after a local privilege-escalation flaw (CVE-2025-47809) was published that can let an unprivileged user gain elevated access immediately after an unprivileged installation when the CodeMeter Control Center...