industrial cybersecurity

Rockwell Automation’s ThinManager has been flagged for a high-severity Server-Side Request Forgery (SSRF) flaw that can expose an industrial control system’s ThinServer service account NTLM credentials, according to a federal advisory reissued on September 9, 2025. The vulnerability—tracked...

A recently republished U.S. federal advisory warns that Rockwell Automation’s FactoryTalk Activation Manager contains a cryptographic implementation flaw that can be exploited remotely to decrypt or tamper with activation and management traffic — an issue assigned CVE‑2025‑7970 and rated with a...

Delta Electronics’ engineering tool EIP Builder contains an XML External Entity (XXE) vulnerability (CVE-2025-57704) that can expose sensitive files when the application parses crafted XML, and vendors and national incident responders now recommend an immediate upgrade to mitigate the risk...

Delta Electronics’ CNCSoft‑G2 has been the focus of a coordinated disclosure that exposes a file‑parsing out‑of‑bounds write (CWE‑787) in the DPAX project file handler — a flaw tracked as CVE‑2025‑47728 that can lead to arbitrary code execution when a user opens a specially crafted file, and...

Siemens’ Simcenter Femap has received a fresh security spotlight: two file‑parsing vulnerabilities that allow local code execution when a user opens specially crafted STP or BMP files, and Siemens has published fixed versions while U.S. authorities have republished the advisory for awareness...

In a significant escalation for industrial cybersecurity, a broad class of Siemens engineering software has been confirmed vulnerable to a type confusion deserialization flaw that can lead to arbitrary code execution when an attacker has local authenticated access. The issue—tracked under...

Siemens’ SINEC Traffic Analyzer has been the subject of a focused security disclosure cycle that culminated in a consolidated vendor advisory (SSA‑517338) and a republication through federal ICS channels, detailing a cluster of high‑to‑critical vulnerabilities that affect the product’s...

Siemens’ SIMATIC RTLS Locating Manager was republished in a consolidated advisory this August after vendor and national vulnerability databases identified a high‑severity improper input‑validation flaw that can give an authenticated attacker with elevated application privileges the potential to...

A recently republished CISA advisory warns that Rockwell Automation’s FactoryTalk Linx contains a serious improper access control flaw that—when triggered by setting Node.js’ process.env.NODE_ENV to "development"—can disable FTSP token validation and allow an attacker to create, update, or...

Rockwell Automation’s Micro800 line of programmable logic controllers (PLCs) has been the subject of a high-severity U.S. Cybersecurity and Infrastructure Security Agency (CISA) advisory republished on August 14, 2025, warning that multiple remotely exploitable vulnerabilities tied to Azure RTOS...

Siemens has disclosed an XML External Entity (XXE) vulnerability in multiple versions of SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER that can be triggered by specially crafted XML files and may allow an attacker to read arbitrary files from a compromised host; the issue has been...

A pair of high-severity vulnerabilities in Rockwell Automation’s ArmorBlock 5000 I/O webserver — tracked as CVE-2025-7773 and CVE-2025-7774 — create a realistic, low-complexity path for remote attackers to hijack or misuse web sessions on specific 5032-series modules, prompting immediate...

Siemens’ advisory covering third‑party components in SINEC OS landed as a stark reminder that industrial network stacks are only as strong as their weakest third‑party link: dozens of kernel and userland weaknesses, CVEs spanning classic buffer overflows to TOCTOU races, and a vendor‑centric...

Rockwell Automation’s ControlLogix EtherNet/IP communication modules have been publicly flagged for a high-severity vulnerability that, if left unaddressed, can grant remote attackers direct, low-complexity access to a running module’s memory — enabling memory dumps, arbitrary memory...

Siemens’ SIMATIC RTLS Locating Manager — the Windows-based server component that fuses UWB tag data into real-time location feeds — was the subject of a fresh security republishing on August 12–14, 2025 that calls out multiple mid-to-high severity flaws, including two newly tracked CVEs...

Siemens RUGGEDCOM ROX II devices are the subject of a newly cataloged vulnerability — tracked as CVE-2025-40761 — that allows an attacker with physical access to the device’s serial interface to bypass authentication through the device’s Built-In-Self-Test (BIST) mode and obtain a root shell, a...

A series of newly discovered vulnerabilities in Rockwell Automation’s Arena simulation software have jolted the industrial software ecosystem, underscoring the persistent security challenges faced by critical manufacturing sectors worldwide. Carrying a high CVSS v4 base score of 8.4, these...

A critical new vulnerability in the Johnson Controls FX80 and FX90 platforms has brought the cyber-physical security of critical infrastructure sharply into focus, as industrial operators worldwide brace for the fallout from the recently disclosed CVE-2025-43867. Affecting building automation...

A newly disclosed vulnerability in Delta Electronics’ DIAView industrial automation management system has put critical infrastructure sectors on high alert, as experts warn of the significant risk posed by remotely exploitable path traversal flaws that could allow attackers to access or alter...

A major security vulnerability has been discovered in Packet Power’s EMX and EG products, exposing critical infrastructure worldwide to the risk of unauthorized remote access and control. The vulnerability, designated CVE-2025-8284, allows attackers to bypass authentication entirely, offering a...