Schneider Electric’s EcoStruxure Machine Expert HVAC versions before 1.10.0 contain a medium-severity cleartext storage vulnerability, disclosed by Schneider on May 12, 2026, and republished by CISA on May 28, that can expose protected controller source code to an authorized local attacker. The...
CISA republished ABB’s B&R advisory on May 26, 2026, warning that CVE-2025-3450 can let an unauthenticated network attacker abuse the System Diagnostics Manager in affected Automation Runtime versions before 6.3 and Q4.93 to delete data and trigger denial-of-service conditions. The uncomfortable...
CISA on May 26, 2026 republished ABB’s advisory for CVE-2025-7745, a medium-severity buffer over-read flaw in ABB AC500 V2 PLC firmware that can expose fragments of earlier Modbus responses when unsupported function codes are sent to the device’s Modbus server. The bug is not a headline-grabbing...
CISA’s May 26, 2026 republication of ABB PSIRT advisory 2NGA002743 warns that ABB Ability zenon versions 7.50 through 14 expose an unauthenticated Remote Transport Service path that can reboot a target machine on reachable networks. The bug, CVE-2025-8754, is not a code-execution disaster...
ABB Ability Camera Connect versions 1.5.0.14 and earlier, along with version 1.5.0.15, are affected by critical vulnerabilities inherited from an outdated bundled VLC media player component, according to a CISA republication issued on May 26, 2026. The immediate fix is straightforward: update...
Hitachi Energy’s GMS600 versions 1.3.0 and 1.3.1 are affected by CVE-2022-4304, an OpenSSL RSA timing-side-channel vulnerability republished by CISA on May 21, 2026, with the vendor’s remediation pointing operators to GMS600 version 1.3.2. The bug is not a new zero-day, and it is not the kind of...
CISA on May 19, 2026, republished ABB’s advisory for CVE-2025-3465, a high-severity path traversal flaw in CoreSense HM and CoreSense M10 that affects worldwide deployments in food and agriculture, commercial facilities, and critical manufacturing when vulnerable local web interfaces are...
On May 19, 2026, CISA republished Siemens ProductCERT’s advisory for Siemens RUGGEDCOM APE1808 devices, warning that all versions are affected by CVE-2026-0300, a critical Palo Alto Networks PAN-OS buffer overflow that can allow unauthenticated root-level code execution. The advisory is formally...
Siemens and CISA warned on May 12 and May 14, 2026, respectively, that the web server in a broad set of SIMATIC S7 PLCs contains three cross-site scripting vulnerabilities affecting S7-1500, ET 200SP, Drive Controller, Software Controller, SIPLUS, and PLCSIM Advanced products. The flaw class is...
Siemens Opcenter RDnL installations worldwide are affected by CVE-2026-27446, a high-severity Apache ActiveMQ Artemis authentication flaw republished by CISA on May 14, 2026, after Siemens ProductCERT’s May 12 advisory warned that all Opcenter RDnL versions are known affected. The bug is not a...
Siemens disclosed on May 12, 2026, that RUGGEDCOM ROX versions before 2.17.1 contain CVE-2025-40947, an authenticated remote command-injection flaw in the feature key installation process affecting MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000...
Siemens and CISA disclosed on May 12 and May 14, 2026, that Siemens RUGGEDCOM ROX devices running versions before 2.17.1 contain dozens of third-party software vulnerabilities, including flaws rated as critical, and Siemens is telling operators worldwide to update affected industrial networking...
Siemens and CISA warned on May 12 and May 14, 2026, that SIMATIC CN 4100 communication nodes running versions before V5.0 contain multiple vulnerabilities, with Siemens releasing V5.0 and urging industrial operators worldwide to update affected deployments in critical manufacturing environments...
Siemens and CISA disclosed on May 12–14, 2026, that Siemens gPROMS Web Applications Publisher versions before 3.1.1 are affected by CVE-2026-40175, an Axios-linked vulnerability that can allow remote code execution under specific conditions. The advisory is narrow in product scope but broad in...
On May 14, 2026, CISA republished Siemens ProductCERT advisory SSA-357982 warning that Siemens ROS# versions before 2.2.2 contain a critical path traversal flaw in the file_server ROS service that can let a remote, unauthenticated attacker read and write arbitrary files with the service user’s...
CISA republished ABB’s advisory for CVE-2024-41975 on May 12, 2026, warning that ABB Automation Builder Gateway for Windows before version 2.9.0 can listen remotely by default on TCP port 1217, exposing PLC discovery to unauthenticated network attackers in industrial environments worldwide. The...
On May 5, 2026, CISA republished ABB’s advisory for CVE-2026-0936, a medium-severity information-disclosure flaw in ABB B&R PVI client software that can expose credentials through client-side log files when logging has been explicitly enabled. The bug is not a remote-code-execution fire alarm...
CISA republished ABB’s April 2026 advisory on April 30, 2026, warning that ABB Ability Symphony Plus S+ Engineering versions 2.2 through 2.4 SP2 are exposed to four PostgreSQL vulnerabilities that can allow authenticated attackers on the S+ client/server network to execute code or SQL. The...
ABB Ability Symphony Plus Engineering versions 2.2 through 2.4 SP2 are affected by four high-severity PostgreSQL vulnerabilities disclosed in a CISA industrial-control-system advisory republished on April 30, 2026, with ABB directing customers to upgrade to S+ Engineering 2.4 SP2 RU1 or later...
CISA and partner agencies have released new joint guidance urging owners and operators of operational technology systems to adapt zero trust principles to industrial environments where connected sensors, remote access, legacy controllers, and safety-critical processes have made old perimeter...