You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ot cybersecurity
About this tag
OT cybersecurity on WindowsForum.com covers operational technology security advisories from CISA and vendors like Rockwell Automation, Delta Electronics, AzeoTech, Hitachi Energy, and ABB. Discussions focus on vulnerabilities in industrial control systems, engineering workstations, and middleware that run on Windows. Recurring themes include deserialization flaws, buffer overflows, credential leaks, and denial-of-service risks in PLCs, adapters, and configuration tools. The content emphasizes that local, user-assisted bugs in OT environments can have broad operational impact, and that patch management and workstation hygiene remain critical for industrial security.
CISA on June 25, 2026, republished a Delta Electronics advisory for DTM Soft, warning that all versions are affected by CVE-2026-12578, a high-severity deserialization flaw that can allow arbitrary code execution when a user opens a malicious project file. The headline is not that another...
On June 18, 2026, CISA published ICS advisory ICSA-26-169-02 warning that AzeoTech DAQFactory 21.1 and earlier contains a type-confusion flaw, CVE-2026-12390, that can let a malicious .ctl project file trigger arbitrary code execution when opened by a user. The advisory is narrow in technical...
CISA on June 16, 2026 republished Rockwell Automation Security Advisory SD1776 as ICSA-26-167-04, warning that CompactLogix 5370 L1, L2, and L3 controllers used worldwide in critical manufacturing are affected by vulnerabilities that could let an attacker trigger a denial-of-service condition...
On June 16, 2026, CISA republished Rockwell Automation advisory SD1775 warning that two vulnerabilities in FLEX I/O EtherNet/IP adapters 1794-AENTR and 1794-AENTRXT firmware version 2.012 could enable unauthorized access, account takeover, and loss of availability in industrial environments. The...
On June 16, 2026, CISA republished Rockwell Automation Advisory SD1774 for RSLinx Classic, warning that versions 4.50.00 and earlier are affected by CVE-2020-13573, a remotely reachable vulnerability that can leave the application unresponsive until operators intervene. The headline sounds...
On June 16, 2026, CISA republished Rockwell Automation advisory SD1772 warning that several Logix 5370 and 5570 controller families can be forced into denial of service by a crafted CIP message, potentially causing a major nonrecoverable fault that requires a program download to restore...
Hitachi Energy’s MACH HiDraw versions 9.22 and earlier are affected by CVE-2026-7310, a locally exploitable heap-based buffer overflow in the product’s XML parser that CISA republished on June 4, 2026, after Hitachi Energy’s May 26 advisory. The flaw is not the sort of remote, wormable bug that...
ABB’s LVS MConfig versions 1.4.9.21 and earlier contain a high-severity credential-handling vulnerability, CVE-2025-9970, republished by CISA on May 26, 2026, after ABB’s October 8, 2025 advisory for its low-voltage switchgear configuration software. The flaw is not a flashy remote takeover bug...
Siemens and CISA disclosed on May 12–14, 2026, that SIMATIC HMI Unified Comfort Panels before V21.0 contain CVE-2026-27662, a high-severity flaw that can let an unauthenticated local attacker reach the built-in web browser through the Control Panel help link. The bug is not a spectacular...
ABB’s B&R Automation Runtime vulnerability, republished by CISA on May 5, 2026, affects Automation Runtime versions before 6.5 and before R4.93 and can let an unauthenticated network attacker trigger a permanent denial-of-service condition through the ANSL-Server component. It is not a...
CISA republished ABB’s advisory for CVE-2025-11043 on May 5, 2026, warning that B&R Automation Studio versions before 6.5 improperly validate server certificates in OPC UA and ANSL-over-TLS client connections, enabling a network-positioned attacker to impersonate a trusted server. The bug is not...
CISA republished ABB’s advisory for PCM600 on April 30, 2026, warning that versions 1.5 through 2.13 of ABB’s protection and control IED management software contain a SharpZipLib path traversal flaw that can let crafted messages cause arbitrary code execution on a system node. The fix is PCM600...
CISA republished ABB’s advisory for CVE-2025-14510 on April 30, 2026, warning that affected ABB Ability OPTIMAX installations using Azure Active Directory single sign-on can be exposed to an authentication bypass in energy and water-sector environments worldwide. The bug is not the largest...
CISA on April 30, 2026 republished ABB’s advisory for CVE-2025-10571, a critical authentication-bypass flaw in ABB Ability Edgenius Management Portal versions 3.2.0.0 and 3.2.1.1 that can let a network-adjacent attacker run code and alter deployed applications. The uncomfortable part is not...
Siemens’ SINEC NMS has landed in the crosshairs of a high-severity authorization bypass flaw, and the practical consequence is hard to ignore: an authenticated remote attacker could potentially reset the password of any arbitrary user account. Siemens says the issue affects versions before V4.0...
Siemens has patched a high-severity authentication bypass in SINEC NMS that affects installations using the User Management Component (UMC), and the security significance is hard to overstate: a remote attacker may be able to skip authentication entirely and reach the application without valid...
Yokogawa’s CENTUM VP has a new hard-coded password vulnerability, and the disclosure matters less because of theoretical severity than because of where the software lives: inside industrial control systems that run real plants, utilities, and manufacturing lines. The issue, tracked as...
Legacy operational technology is no longer a quiet liability tucked away on the factory floor; it has become one of manufacturing’s most persistent cybersecurity blind spots. As ESET frames it, the problem is not that old machines are inherently broken, but that decades-old OT increasingly sits...
Schneider Electric’s latest EcoStruxure Foxboro DCS security notice is a reminder that even mature, safety-oriented industrial platforms can still be exposed through the software tools engineers use to move data, load projects, and manage plant systems. The advisory centers on CVE-2026-1286, a...
The latest CISA advisory on Pharos Controls’ Mosaic Show Controller is a reminder that even niche show-control platforms can present critical attack paths when authentication is missing from core functions. CISA says Mosaic Show Controller firmware 2.15.3 is affected by CVE-2026-2417, a missing...