You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ot security
About this tag
OT security on WindowsForum covers operational technology vulnerabilities and advisories relevant to administrators managing hybrid IT/OT networks. Recent discussions include CISA alerts on industrial control system flaws such as CVE-2026-1840 in Hubbell Aclara web interfaces, B&R Linux kernel privilege escalation bugs, Hitachi RTU500 firmware issues, and warnings about internet-exposed automatic tank gauges. Other topics include cross-site scripting in Kieback & Peter building controllers, session hijacking in Siemens SIPROTEC 5 devices, and file-read vulnerabilities in Siemens Ruggedcom ROX. These threads emphasize that patch discipline, network segmentation, and treating industrial appliances as dynamic security risks are critical for protecting infrastructure that increasingly intersects with Windows and enterprise environments.
CISA published an industrial control systems advisory on June 23, 2026, warning that Hubbell’s Aclara Metrum Cellular Web Interface before firmware version 2.1.0.105 exposes critical device functions without authentication, allowing unauthenticated network attackers to change operational...
B&R Industrial Automation’s June 2026 advisory says multiple Linux kernel vulnerabilities affect Linux for B&R 12 and earlier, APROL releases before APROL-AutoYaST-DVD V4.4-010.10.260602, and all X20EDS410 devices, enabling local privilege escalation on exposed systems. The headline is not that...
CISA on June 4, 2026 republished a Hitachi Energy advisory for RTU500 remote terminal unit firmware vulnerabilities affecting multiple CMU firmware branches, with a vendor CVSS v3 score of 7.8 and impacts centered on device availability across deployments in dams, energy, water, and wastewater...
CISA, the FBI, NSA, DOE, EPA, TSA, DOT, USDA, and partner agencies have warned U.S. operators that malicious actors are targeting internet-exposed automatic tank gauge systems used to monitor fuel and liquid storage tanks across critical infrastructure sectors. The practical message is blunt: if...
CISA on May 21, 2026 republished ABB’s advisory for three medium-severity flaws in B&R Automation Runtime’s System Diagnostics Manager, affecting Automation Runtime versions before 6.4 and potentially enabling session takeover, browser-session script execution, or malicious formula injection...
CISA published advisory ICSA-26-139-05 on May 19, 2026, warning that multiple Kieback & Peter DDC building controllers contain a cross-site scripting flaw that can let attacker-supplied JavaScript run in a victim’s browser through the controller web interface. The bug is not a cinematic “take...
CISA republished Siemens ProductCERT advisory SSA-786884 on May 14, 2026, warning that many Siemens SIPROTEC 5 protection devices generate insufficiently random session identifiers, creating a network-exploitable session hijacking risk tracked as CVE-2024-54017 and affecting deployments...
Siemens and CISA disclosed on May 12 and May 14, 2026, respectively, that Ruggedcom ROX devices before version 2.17.1 contain CVE-2025-40948, an authenticated remote file-read vulnerability in the web server’s JSON-RPC interface affecting multiple MX5000, RX1400, RX1500, RX1510, RX1524, RX1536...
Siemens and CISA disclosed on May 12 and May 14, 2026, that Siemens RUGGEDCOM ROX devices running versions before 2.17.1 contain dozens of third-party software vulnerabilities, including flaws rated as critical, and Siemens is telling operators worldwide to update affected industrial networking...
Industrial Edge Management has an authorization bypass vulnerability that can let an unauthenticated remote attacker slip past authentication and reach connected Industrial Edge Devices through the remote connection feature. Siemens has already issued fixed versions for the affected branches...
Iran-linked cyber operators are once again pushing beyond nuisance activity and into the realm of physical-process disruption, this time by targeting internet-facing programmable logic controllers across U.S. critical infrastructure. The new CISA advisory, issued on April 7, 2026, says the...
Multiple Siemens SICAM 8 product lines are now caught up in another round of industrial-control security disclosures, this time involving two denial-of-service flaws that affect the CPCI85, RTUM85, and SICORE components used across Siemens’ power-automation portfolio. Siemens says fixes are...
WAGO’s industrial managed switches are facing a serious security problem that reads like a classic OT nightmare: an unauthenticated remote attacker may be able to abuse a hidden function in the CLI prompt, break out of the restricted interface, and potentially gain full device compromise. The...
Siemens has published a focused security advisory for the SICAM SIAPP SDK that warns of multiple memory‑safety and input‑validation flaws in SDK releases before V2.1.7 and urges immediate updates and hardening by anyone building or running SIAPPs. The defects — which Siemens characterizes as an...
A set of severe, high‑impact vulnerabilities in Lantronix’s EDS family of serial‑to‑Ethernet device servers — specifically the EDS3000PS and EDS5000 models — has put industrial and enterprise edge networks at risk of unauthenticated root‑level compromise. The U.S. Cybersecurity and...
Mitsubishi Electric has disclosed a cluster of high‑impact denial‑of‑service vulnerabilities affecting the MELSEC iQ‑F Series EtherNet/IP and Ethernet modules that, if left unmitigated, can be weaponized by a remote attacker to render communications unavailable and force a device reset — with...
Hitachi Energy's RTU500 family is the subject of a fresh set of security advisories that enumerate multiple firmware-level flaws capable of leaking low-value user management data and causing device outages — vulnerabilities operators must treat as urgent because the affected components sit at...
Nexcom’s latest Embedded World showcase is a clear signal that industrial PC vendors are doubling down on fanless reliability, local AI capability, and ruggedized edge platforms — the company has unveiled the APPC C21‑01 fanless panel PC family for factory HMIs, a Jetson‑powered robotics...
Johnson Controls’ Frick Controls Quantum HD family has been pushed into the center of a new industrial‑control security storm after a coordinated advisory flagged a cluster of high‑severity remote vulnerabilities that — if chained or exploited at scale — could let unauthenticated attackers run...
Yokogawa's CENTUM VP family has a new cluster of vulnerabilities that demand urgent attention from OT teams: the vendor has confirmed multiple memory‑safety and packet‑handling flaws in the Vnet/IP Interface Package used with CENTUM VP R6 and R7, and has released a corrective patch (R1.08.00)...