You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
industrial cybersecurity
About this tag
Industrial cybersecurity on WindowsForum.com covers vulnerabilities and patches in operational technology (OT) and industrial control systems (ICS) from vendors like ABB, Rockwell Automation, Hitachi Energy, Digi, and B&R. Discussions focus on CVE advisories, firmware updates, and the unique challenges of securing air-gapped networks, engineering workstations, and embedded devices. Recurring themes include authentication bypass, memory corruption, and the risk of inherited vulnerabilities from common infrastructure like NGINX or XZ Utils. The tag emphasizes practical defense: treating every patch as critical, recognizing that air gaps are workflows not walls, and understanding that industrial systems often lag behind consumer software in update cycles.
ABB has fixed CVE-2026-31431, the high-severity “Copy Fail” Linux kernel vulnerability, in Ability Edgenius 3.2.4.1 after warning that locally authenticated users or compromised container workloads could gain root privileges on affected bE100, E3100C, and vE1000 systems. CISA also published the...
CISA published an advisory warning that Rockwell Automation 1715-AENTR firmware through version 3.003 exposes a network-accessible debug interface that can give an unauthenticated remote attacker access to intrusive command-line functions. Tracked as CVE-2026-10577 and rated 10 out of 10 under...
ABB has fixed four security vulnerabilities in T-MAC Plus 4.0-24, including a critical file-disclosure flaw and a broken-access-control bug that could let a low-privileged account perform administrative operations. The remedy is T-MAC Plus 4.0-25, and operators should treat the upgrade as more...
CISA published advisory ICSA-26-188-06 on July 7, 2026, warning that Labcenter Electronics Proteus 9.1 SP4 Build 42914 contains three high-severity memory-safety vulnerabilities that can disclose information and allow arbitrary code execution when a user opens malicious content. The practical...
Hitachi Energy and CISA warned on July 7, 2026, that e-mesh EMS versions 4.1.6, 4.4.2, and 4.7.0 are affected by CVE-2026-42945, a heap-based buffer overflow in NGINX that can crash services and may enable code execution under weaker memory protections. The advisory is not just another line item...
CISA warned on July 7, 2026, that Digi International PortServer TS and Digi One SP, SP IA, IA, and IAP serial device servers running pre-2025 firmware contain an authentication bypass in their web interface that can let unauthenticated attackers reach restricted device resources. The advisory...
An air-gapped OT network is an industrial control environment with no direct internet or untrusted-network connection, used in plants, utilities, SCADA systems, and safety-critical infrastructure to reduce exposure while still relying on controlled transfer paths such as removable media, manual...
CISA republished ABB PSIRT advisory SA26P009 on June 30, 2026, warning that CVE-2025-31115 in XZ Utils affects multiple B&R Industrial Automation terminal products worldwide, with fixed Terminal OS releases now available for PPC3100, C50, C80, FT50, MT50, T30, T80, and T50 devices. The flaw is...
Mitsubishi Electric disclosed on June 30, 2026, that MELSOFT Update Manager SW1DND-UDM-M versions 1.000A through 1.014Q contain multiple vulnerabilities in the bundled 7-Zip component, with fixed version 1.015R or later now designated as the remediation. The narrow version range makes this look...
Schneider Electric’s PowerLogic P7 protection and control platform, used in advanced electrical network environments worldwide, is affected by three disclosed vulnerabilities in firmware version 0.2.003.001.000 and earlier, with CISA republishing Schneider’s advisory on June 25, 2026, after the...
ABB and CISA warned in June 2026 that CVE-2025-7064 affects ABB Freelance Security Lock across Freelance versions from 2013-era systems through Freelance 2024, allowing a local authenticated attacker to bypass operator restrictions and reach Windows functions under certain configurations. The...
Siemens’ WinCC Certificate Manager vulnerability, disclosed by Siemens ProductCERT on June 9, 2026 and republished by CISA on June 23, affects SIMATIC WinCC Unified PC Runtime versions V16 through V21 before V21 Update 2, exposing insufficiently protected cryptographic key material on local...
On June 18, 2026, CISA republished Mitsubishi Electric’s advisory for CVE-2026-8806, a high-severity denial-of-service flaw affecting all versions of the MELSEC iQ-F Series FX5-ENET/IP Ethernet module used in industrial control networks worldwide, with no firmware fix currently planned. The...
Mitsubishi Electric and CISA disclosed on June 18, 2026, that MELSEC iQ-F Series FX5-EIP EtherNet/IP modules running version 1.000 or earlier are vulnerable to a remotely triggerable denial-of-service flaw tracked as CVE-2026-8805. The fix is firmware version 1.001 or later, but the more...
On June 18, 2026, CISA published ICS advisory ICSA-26-169-07 for Schneider Electric Easergy, EcoStruxure, PowerLogic, Saitel, and related power-automation products affected by CVE-2026-4827, an insufficient-entropy flaw that can enable unauthorized access through weakened session management. The...
On June 18, 2026, CISA republished Rockwell Automation’s SD1773 advisory warning that FactoryTalk Historian Site Edition 11 and earlier releases contain three vulnerabilities that can let attackers obtain valid authentication tokens, trigger denial-of-service conditions, or crash affected...
Schneider Electric and CISA are warning that CVE-2026-6865 affects EasyLogic T150 firmware version 11.06.31 and earlier and Saitel DP firmware version 11.06.36 and earlier, allowing authenticated users to access sensitive files through a path traversal flaw in server-side file handling. The fix...
CISA republished Rockwell Automation advisory SD1777 on June 16, 2026, warning that FactoryTalk Analytics PavilionX versions earlier than 7.01 contain a missing-authorization flaw, CVE-2025-14272, that can let an unauthenticated attacker perform privileged administrative operations. The advisory...
Schneider Electric’s April 14, 2026 advisory, republished by CISA on June 9, warns that all versions of its Connexium, Modicon, and Modicon Redundancy managed switches can be exposed to CVE-2024-3596 if administrators disable RADIUS Message-Authenticator protection. The alert is not about a...
Schneider Electric’s EcoStruxure Machine Expert HVAC versions before 1.10.0 contain a medium-severity cleartext storage vulnerability, disclosed by Schneider on May 12, 2026 and republished by CISA on May 28, that can expose protected controller source code to an authorized local attacker. The...