industrial cybersecurity

Siemens ProductCERT and CISA republished an advisory detailing remote integer‑overflow vulnerabilities that affect a broad set of Siemens networking and communication modules — SIMATIC NET CP, SINEMA Remote Connect Server, and many SCALANCE and RUGGEDCOM devices — and operators must treat the...

Siemens’ sprawling product portfolio remains at the center of a major, ongoing industrial‑security effort after a broad advisory—originally published by Siemens ProductCERT and republished by U.S. cyber authorities—relisted scores of SCALANCE, RUGGEDCOM, SIMATIC, SIMOTION, SIPLUS and related...

Siemens and upstream OpenSSL vulnerabilities that allow out-of-bounds reads — tracked under CVE-2021-3712 — remain a live operational risk across dozens of Siemens industrial networking, communications, and automation products; Siemens has published ProductCERT guidance and fixes for many...

Siemens and U.S. cyber authorities have republished a focused advisory addressing two low‑severity but operationally meaningful vulnerabilities in SINEC OS that affect the RUGGEDCOM RST2428P (6GK6242‑6PA00); the immediate mitigation is straightforward (block discovery UDP ports) but the broader...

Siemens’ cloud-hosted SIMATIC Virtualization as a Service (SIVaaS) has been found to expose a network share without authentication — a configuration defect that Siemens has cataloged as CVE-2025-40804 and scored as critical (CVSS v3.1 = 9.1; CVSS v4 = 9.3). This flaw allows unauthenticated...

Siemens has published a security advisory (SSA-027652) describing a privilege‑escalation vulnerability in its SINAMICS drive family that allows a factory reset and configuration manipulation without the required privileges, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA)...

Rockwell Automation’s FactoryTalk Analytics LogixAI has a serious configuration weakness that demands immediate attention from OT and IT teams: CISA republished an advisory assigning CVE-2025-9364 to an overly permissive Redis instance used by LogixAI, calling out exposure of sensitive system...

Rockwell Automation’s ControlLogix 5580 family has a newly republished advisory that raises the alarm for industrial operators: a remotely exploitable NULL pointer dereference in firmware version 35.013 can force a major nonrecoverable fault (MNRF) on affected controllers, producing a...

Rockwell Automation’s ThinManager has been flagged for a high-severity Server-Side Request Forgery (SSRF) flaw that can expose an industrial control system’s ThinServer service account NTLM credentials, according to a federal advisory reissued on September 9, 2025. The vulnerability—tracked...

A recently republished U.S. federal advisory warns that Rockwell Automation’s FactoryTalk Activation Manager contains a cryptographic implementation flaw that can be exploited remotely to decrypt or tamper with activation and management traffic — an issue assigned CVE‑2025‑7970 and rated with a...

Delta Electronics’ engineering tool EIP Builder contains an XML External Entity (XXE) vulnerability (CVE-2025-57704) that can expose sensitive files when the application parses crafted XML, and vendors and national incident responders now recommend an immediate upgrade to mitigate the risk...

Delta Electronics’ CNCSoft‑G2 has been the focus of a coordinated disclosure that exposes a file‑parsing out‑of‑bounds write (CWE‑787) in the DPAX project file handler — a flaw tracked as CVE‑2025‑47728 that can lead to arbitrary code execution when a user opens a specially crafted file, and...

Siemens’ Simcenter Femap has received a fresh security spotlight: two file‑parsing vulnerabilities that allow local code execution when a user opens specially crafted STP or BMP files, and Siemens has published fixed versions while U.S. authorities have republished the advisory for awareness...

In a significant escalation for industrial cybersecurity, a broad class of Siemens engineering software has been confirmed vulnerable to a type confusion deserialization flaw that can lead to arbitrary code execution when an attacker has local authenticated access. The issue—tracked under...

Siemens’ SINEC Traffic Analyzer has been the subject of a focused security disclosure cycle that culminated in a consolidated vendor advisory (SSA‑517338) and a republication through federal ICS channels, detailing a cluster of high‑to‑critical vulnerabilities that affect the product’s...

Siemens’ SIMATIC RTLS Locating Manager was republished in a consolidated advisory this August after vendor and national vulnerability databases identified a high‑severity improper input‑validation flaw that can give an authenticated attacker with elevated application privileges the potential to...

A recently republished CISA advisory warns that Rockwell Automation’s FactoryTalk Linx contains a serious improper access control flaw that—when triggered by setting Node.js’ process.env.NODE_ENV to "development"—can disable FTSP token validation and allow an attacker to create, update, or...

Rockwell Automation’s Micro800 line of programmable logic controllers (PLCs) has been the subject of a high-severity U.S. Cybersecurity and Infrastructure Security Agency (CISA) advisory republished on August 14, 2025, warning that multiple remotely exploitable vulnerabilities tied to Azure RTOS...

Siemens has disclosed an XML External Entity (XXE) vulnerability in multiple versions of SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER that can be triggered by specially crafted XML files and may allow an attacker to read arbitrary files from a compromised host; the issue has been...

A pair of high-severity vulnerabilities in Rockwell Automation’s ArmorBlock 5000 I/O webserver — tracked as CVE-2025-7773 and CVE-2025-7774 — create a realistic, low-complexity path for remote attackers to hijack or misuse web sessions on specific 5032-series modules, prompting immediate...