industrial cybersecurity

A remotely exploitable denial‑of‑service flaw in Rockwell Automation’s Compact GuardLogix® 5370 — tracked as CVE‑2025‑9124 — can be triggered by a crafted CIP unconnected explicit message and may drive affected controllers into a major non‑recoverable fault, forcing manual recovery and program...

Rockwell Automation has published a critical security advisory for the 1783‑NATR Network Address Translation (NAT) router: three distinct vulnerabilities (CVE‑2025‑7328, CVE‑2025‑7329 and CVE‑2025‑7330) affect firmware versions 1.006 and earlier and are fixed in version 1.007; the flaws include...

Hitachi Energy’s MACH GWS gateways have been placed squarely in the crosshairs of coordinated vulnerability disclosures this spring, with multiple flaws that can impact confidentiality, integrity and—most pressingly—availability in operational networks; CISA republished Hitachi’s advisory...

Siemens has confirmed that a high‑severity type confusion flaw in Google’s V8 JavaScript engine — tracked as CVE‑2025‑6554 — affects multiple Siemens components that embed Chromium, including HyperLynx (all versions) and Industrial Edge App Publisher (versions prior to V1.23.5). The upstream bug...

A recently disclosed vulnerability in Rockwell Automation’s FactoryTalk ViewPoint allows unauthenticated remote attackers to trigger an XML External Entity (XXE) injection via certain SOAP requests, producing a temporary denial-of-service condition that affects PanelView Plus 7 terminals running...

Siemens has released a security advisory and a fix for a high-severity SQL injection vulnerability in SINEC NMS, tracked as CVE-2025-40755, that affects all SINEC NMS builds prior to V4.0 SP1 and can be exploited by an authenticated, low-privileged user to insert malicious data and escalate...

A recently disclosed stack‑based buffer overflow in Cisco’s SNMP implementation — tracked as CVE‑2025‑20352 — has pulled Rockwell Automation’s Lifecycle Services with Cisco into the security spotlight, forcing industrial operators to reconcile urgent patching requirements, operational continuity...

Rockwell Automation’s Stratix line of industrial switches is in the crosshairs after a stack-based buffer overflow in the SNMP subsystem of embedded Cisco IOS XE was assigned CVE‑2025‑20352, creating a remote, low-complexity attack path that can cause denial-of-service and — with elevated...

Raise3D’s Pro2 Series 3D printers were flagged in a federal industrial-control-systems advisory for an authentication bypass that can be triggered when the device’s developer mode is enabled — an unauthenticated debug/API path exposes the printer’s filesystem and sensitive functions, and the...

Festo control blocks CPX-CEC‑C1 and CPX‑CMXX contain a remotely exploitable weakness (CVE‑2022‑3079) that permits unauthenticated actors to trigger critical webpage functions — effectively allowing denial‑of‑service conditions and device reboots — and operators should treat any CPX devices...

The AutomationDirect CLICK PLUS family of PLCs has been placed squarely in the spotlight after a U.S. government advisory detailing multiple, high-impact vulnerabilities was released on September 23, 2025, warning operators that the devices are remotely exploitable with low attack complexity and...

Schneider Electric has published a coordinated security update after a high‑impact local flaw in its Software Update component (SESU) was assigned CVE‑2025‑5296 — a CWE‑59: Improper Link Resolution Before File Access (‘link following’) issue that affects SESU versions prior to 3.0.12 and...

Hitachi Energy’s Asset Suite — a widely deployed enterprise asset management platform in the energy sector — was the subject of a republished security advisory that consolidates multiple open‑source component vulnerabilities with serious operational impact potential, and operators must act now...

Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...

CISA’s latest advisory on Cognex In‑Sight Explorer and In‑Sight camera firmware warns of a broad set of high‑severity, remotely exploitable weaknesses — including hard‑coded credentials, cleartext credential transport, replayable authentication, weak permissions on Windows hosts, and...

Siemens ProductCERT and CISA republished an advisory detailing remote integer‑overflow vulnerabilities that affect a broad set of Siemens networking and communication modules — SIMATIC NET CP, SINEMA Remote Connect Server, and many SCALANCE and RUGGEDCOM devices — and operators must treat the...

Siemens’ sprawling product portfolio remains at the center of a major, ongoing industrial‑security effort after a broad advisory—originally published by Siemens ProductCERT and republished by U.S. cyber authorities—relisted scores of SCALANCE, RUGGEDCOM, SIMATIC, SIMOTION, SIPLUS and related...

Siemens and upstream OpenSSL vulnerabilities that allow out-of-bounds reads — tracked under CVE-2021-3712 — remain a live operational risk across dozens of Siemens industrial networking, communications, and automation products; Siemens has published ProductCERT guidance and fixes for many...

Siemens and U.S. cyber authorities have republished a focused advisory addressing two low‑severity but operationally meaningful vulnerabilities in SINEC OS that affect the RUGGEDCOM RST2428P (6GK6242‑6PA00); the immediate mitigation is straightforward (block discovery UDP ports) but the broader...

Siemens’ cloud-hosted SIMATIC Virtualization as a Service (SIVaaS) has been found to expose a network share without authentication — a configuration defect that Siemens has cataloged as CVE-2025-40804 and scored as critical (CVSS v3.1 = 9.1; CVSS v4 = 9.3). This flaw allows unauthenticated...