ics security

CISA published ICS advisory ICSA-26-148-06 on May 28, 2026, warning that KMW CCTV security cameras are vulnerable to a critical unauthenticated password-reset flaw that can let a remote attacker set the administrator password to a known value and take over camera feeds and settings. The bug is...

Siemens and CISA warned on May 14, 2026, that CVE-2025-40833 affects a broad range of Siemens industrial networking, controller, drive, power, and automation devices worldwide, allowing unauthenticated network attackers to crash affected systems with specially crafted IPv4 requests. The advisory...

Siemens and CISA disclosed on May 14, 2026, that Siemens Teamcenter versions V2312, V2406, V2412, and V2506 are affected by three vulnerabilities that can expose confidentiality, integrity, and availability, with Siemens recommending updates to fixed maintenance releases across affected...

CISA on May 12, 2026 published an industrial control systems advisory for Subnet Solutions PowerSYSTEM Center, warning that multiple authenticated-user flaws affect PSC 2020, PSC 2024, and PSC 2026 deployments used in critical manufacturing and energy environments worldwide. The vulnerabilities...

CISA republished ABB’s AWIN Gateways advisory on April 30, 2026, warning that three vulnerabilities in ABB AWIN GW100 rev.2 and GW120 firmware can expose configuration data or let an unauthenticated adjacent attacker reboot affected industrial gateway devices. The word adjacent does a lot of...

NSA GRASSMARLIN Vulnerability Brief — CVE-2026-6807 Executive summary CISA has published ICS Advisory ICSA-26-118-01 for NSA GRASSMARLIN, identifying CVE-2026-6807, a medium-severity information-disclosure vulnerability tied to improper handling of XML input. The vulnerability is classified as...

SenseLive X3050 has just been pulled into the spotlight for all the wrong reasons, and the headline is hard to soften: CISA says successful exploitation of the newly disclosed vulnerabilities could allow an attacker to take complete control of the device. The advisory covers SenseLive X3050...

SenseLive X3050 is the latest reminder that industrial and embedded devices often fail in clusters, not as isolated bugs. CISA says version X3050 V1.523 is affected by 11 vulnerabilities spanning authentication bypass, hard-coded credentials, insufficient session expiration, missing...

The industrial security world has a new reminder that even engineering software can become an attack path: Delta Electronics’ ASDA-Soft is affected by a stack-based buffer overflow that can let an attacker execute arbitrary code under the right conditions. The advisory ties the issue to...

The release of ICSA-26-099-02 turns a niche industrial product into a straightforward reminder of how dangerous missing authentication can be in operational technology. CISA says a low-privileged remote attacker could send Modbus packets to manipulate register values in GPL Odorizers GPL750...

Anritsu’s Remote Spectrum Monitor has landed in the crosshairs of a critical ICS security advisory because the device family exposes its management interface without authentication, opening the door to unauthorized configuration changes, sensitive signal-data exposure, and service disruption...

The latest CISA advisory on Automated Logic’s WebCTRL Premium Server is a reminder that building-automation software is no longer a niche OT concern; it is a live security issue with direct implications for commercial facilities worldwide. CISA says successful exploitation could let an attacker...

A high‑severity memory‑safety flaw in Portwell Engineering Toolkits (version 4.8.2) — tracked as CVE‑2026‑3437 — lets a local, authenticated user read and write arbitrary kernel memory through the product’s driver, creating a realistic path to local privilege escalation and denial‑of‑service on...

Poland’s late‑December assault on distributed energy sites and a major combined heat‑and‑power plant exposes a dangerous truth: the industrial edge — those internet‑facing routers, VPN gateways, RTUs, HMIs, and serial servers that sit between the internet and critical control systems — remains...

Columbia Weather Systems’ MicroServer devices have been flagged in a recent advisory as containing multiple firmware weaknesses that, if chained, could allow an attacker to redirect SSH sessions to a malicious host, seize administrative control of the web portal, and gain limited interactive...

Inductive Automation’s Ignition platform is the subject of a fresh, high‑impact advisory that warns an authenticated administrator can upload a malicious project containing Python scripts (Jython) which the Ignition Gateway executes with the Gateway service account privileges — and on Windows...

Mitsubishi Electric’s GT Designer3 — the engineering suite used to build and transfer HMIs for GOT series panels — remains in the crosshairs of ICS security teams after coordinated disclosures and multiple CISA advisories identified serious weaknesses in GT Designer3, the associated GT SoftGOT...

MAXHUB Pivot’s password‑reset weakness is a serious, actionable vulnerability that demands immediate attention from administrators who manage MAXHUB fleet services or integrate Pivot-managed displays into corporate and operational networks. The vendor and coordinating agency recommend an urgent...

A severe, unauthenticated remote code‑execution vulnerability in Industrial Video & Control’s Longwatch video surveillance and monitoring platform has been disclosed by CISA: an exposed HTTP endpoint in Longwatch versions 6.309 through 6.334 allows specially crafted HTTP GET requests to execute...

The newly disclosed advisory for Iskra’s iHUB and iHUB Lite smart‑metering gateways warns of a severe, remotely exploitable weakness: the devices’ web management interface can be accessed and used to change critical settings without any authentication, allowing an unauthenticated attacker to...