industrial cybersecurity

Siemens and CISA warned on May 12 and May 14, 2026, respectively, that the web server in a broad set of SIMATIC S7 PLCs contains three cross-site scripting vulnerabilities affecting S7-1500, ET 200SP, Drive Controller, Software Controller, SIPLUS, and PLCSIM Advanced products. The flaw class is...

Siemens Opcenter RDnL installations worldwide are affected by CVE-2026-27446, a high-severity Apache ActiveMQ Artemis authentication flaw republished by CISA on May 14, 2026, after Siemens ProductCERT’s May 12 advisory warned that all Opcenter RDnL versions are known affected. The bug is not a...

Siemens disclosed on May 12, 2026, that RUGGEDCOM ROX versions before 2.17.1 contain CVE-2025-40947, an authenticated remote command-injection flaw in the feature key installation process affecting MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000...

Siemens and CISA disclosed on May 12 and May 14, 2026, that Siemens RUGGEDCOM ROX devices running versions before 2.17.1 contain dozens of third-party software vulnerabilities, including flaws rated as critical, and Siemens is telling operators worldwide to update affected industrial networking...

Siemens and CISA warned on May 12 and May 14, 2026, that SIMATIC CN 4100 communication nodes running versions before V5.0 contain multiple vulnerabilities, with Siemens releasing V5.0 and urging industrial operators worldwide to update affected deployments in critical manufacturing environments...

Siemens and CISA disclosed on May 12–14, 2026, that Siemens gPROMS Web Applications Publisher versions before 3.1.1 are affected by CVE-2026-40175, an Axios-linked vulnerability that can allow remote code execution under specific conditions. The advisory is narrow in product scope but broad in...

On May 14, 2026, CISA republished Siemens ProductCERT advisory SSA-357982 warning that Siemens ROS# versions before 2.2.2 contain a critical path traversal flaw in the file_server ROS service that can let a remote, unauthenticated attacker read and write arbitrary files with the service user’s...

CISA republished ABB’s advisory for CVE-2024-41975 on May 12, 2026, warning that ABB Automation Builder Gateway for Windows before version 2.9.0 can listen remotely by default on TCP port 1217, exposing PLC discovery to unauthenticated network attackers in industrial environments worldwide. The...

On May 5, 2026, CISA republished ABB’s advisory for CVE-2026-0936, a medium-severity information-disclosure flaw in ABB B&R PVI client software that can expose credentials through client-side log files when logging has been explicitly enabled. The bug is not a remote-code-execution fire alarm...

CISA republished ABB’s April 2026 advisory on April 30, 2026, warning that ABB Ability Symphony Plus S+ Engineering versions 2.2 through 2.4 SP2 are exposed to four PostgreSQL vulnerabilities that can allow authenticated attackers on the S+ client/server network to execute code or SQL. The...

ABB Ability Symphony Plus Engineering versions 2.2 through 2.4 SP2 are affected by four high-severity PostgreSQL vulnerabilities disclosed in a CISA industrial-control-system advisory republished on April 30, 2026, with ABB directing customers to upgrade to S+ Engineering 2.4 SP2 RU1 or later...

CISA and partner agencies have released new joint guidance urging owners and operators of operational technology systems to adapt zero trust principles to industrial environments where connected sensors, remote access, legacy controllers, and safety-critical processes have made old perimeter...

Siemens has published a fresh industrial cybersecurity advisory for RUGGEDCOM CROSSBOW Station Access Controller (SAC), and the headline is serious: a vulnerability in the product can allow arbitrary code execution or a denial-of-service condition. The issue affects SAC versions earlier than...

Siemens’ latest industrial cybersecurity advisory for RUGGEDCOM CROSSBOW Station Access Controller (SAC) is a reminder that access-management software can be just as dangerous to critical operations as the field devices it protects. The flaw, tracked as CVE-2025-6965, affects RUGGEDCOM CROSSBOW...

Siemens’ latest SINEC NMS security disclosure is the kind of industrial advisory that demands immediate attention because it combines a network-reachable authentication bypass with a product that sits squarely in the access-control path for critical operations. The issue affects SINEC NMS when...

Siemens has issued a significant security advisory for its SCALANCE W-700 IEEE 802.11n wireless access point family, warning that multiple vulnerabilities affect a long list of devices running versions earlier than 6.6.0. The advisory covers models spanning RJ45, M12, SFP, and EEC variants, and...

SenseLive X3050 is the latest reminder that industrial and embedded devices often fail in clusters, not as isolated bugs. CISA says version X3050 V1.523 is affected by 11 vulnerabilities spanning authentication bypass, hard-coded credentials, insufficient session expiration, missing...

Siemens has published a broad TPM 2.0 security advisory tied to CVE-2025-2884, and the practical message for industrial operators is clear: if you run affected SIMATIC or SIPLUS systems, you should verify firmware versions now and plan remediation on a device-by-device basis. The flaw is an...

Siemens has issued a fresh industrial cybersecurity warning for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P), and the headline is straightforward: an authenticated user with the User Administrator role may be able to climb into broader privileges than intended. The issue, tracked as...

Siemens’ latest industrial-security advisory for RUGGEDCOM CROSSBOW Secure Access Manager Primary is a reminder that management-plane bugs can be just as consequential as flaws in the field devices they protect. The issue, tracked as CVE-2026-27668, carries a CVSS 3.1 score of 8.8 and affects...