ot security

Pro‑Russia hacktivist collectives have mounted a wave of opportunistic intrusions against internet‑exposed operational technology (OT) devices worldwide, exploiting unsecured Virtual Network Computing (VNC) connections and weak or default credentials to access human‑machine interfaces (HMIs) in...

CISA and partner agencies have issued a fresh warning: pro‑Russia hacktivist collectives are carrying out opportunistic intrusions against U.S. and global critical infrastructure by exploiting internet‑facing Virtual Network Computing (VNC) connections, a low‑sophistication but high‑impact...

CISA has again pushed a fresh set of Industrial Control Systems (ICS) advisories into the wild, emphasizing the continuing frequency and severity of vulnerabilities found in operational-technology products used across power, manufacturing, building automation, and transportation...

CISA’s consolidated bulletin announcing nine new Industrial Control Systems (ICS) advisories is a blunt reminder that the operational-technology (OT) landscape — and the Windows systems that often bridge to it — remain under persistent attack and demand coordinated, prioritized remediation. The...

CISA’s addition of an OpenPLC ScadaBR vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog puts industrial control system defenders back on high alert: the flaw—reported in 2021 as an unrestricted upload of file with dangerous type that permits uploading and execution of arbitrary...

CISA and Australia’s ACSC, together with federal and international partners, published joint guidance on how to integrate artificial intelligence into operational technology (OT) environments securely, framing a practical set of principles to balance operational gains from AI with the unique...

A coordinated security advisory has exposed high-severity weaknesses in a broad range of Festo products — including the Compact Vision System, multiple Control Block and Controller SKUs, and several Operator Unit models — that can allow remote attackers to read and modify configuration files or...

Schneider Electric and AVEVA have confirmed a high‑severity cryptographic weakness that exposes password hashes inside Edge project and offline cache files — CVE‑2025‑9317 — and Schneider Electric has released patches for EcoStruxure Machine SCADA Expert and Pro‑face BLUE Open Studio; operators...

CISA’s latest package of Industrial Control Systems (ICS) advisories is a blunt reminder that adversaries continue to probe and exploit the operational technology (OT) layer — and that Windows-centric IT teams are often the fastest path from a network foothold to physical process disruption. The...

Rockwell Automation has released a security advisory confirming a serious access-control vulnerability in Verve Asset Manager that lets read-only API users perform administrative actions on user accounts — including reading, updating, and deleting users. Tracked as CVE-2025-11862, the bug is...

AVEVA’s Edge HMI/SCADA tool has a new, high‑impact vulnerability that shifts the conversation from “can project files be tampered with?” to “can project files leak live credentials?” — and the short answer is yes, unless operators act now to apply the vendor fix and harden access to project...

Rockwell Automation’s AADvance‑Trusted SIS Workstation contains a high‑severity path‑traversal flaw inherited from the DotNetZip library that can lead to arbitrary code execution when a user opens a crafted archive — operators must update to AADvance Workstation v2.01.00 or later and apply...

Delta Electronics’ CNCSoft‑G2 HMI has an urgent file‑parsing vulnerability — tracked as CVE‑2025‑58317 — that allows arbitrary code execution when a user opens a specially crafted file; the flaw is rated high severity (CVSS v3.1 ≈ 7.8, CVSS v4 ≈ 8.5) and affects builds prior to the vendor’s...

Hitachi Energy has published coordinated advisories and researchers disclosed three high‑severity vulnerabilities in TropOS 4th Gen that — in some cases — allow an authenticated, low‑privilege user on the device’s management network to run arbitrary OS commands and escalate to an unrestricted...

RaiseComm RAX701‑GC appliances used in industrial and carrier networks contain a remote SSH authentication‑bypass that can deliver an unauthenticated root shell to a network attacker — a high‑severity control‑plane compromise tracked as CVE‑2025‑11534 and called out in a U.S. Cybersecurity and...

Siemens has published a sweeping security advisory for SiPass integrated (all versions prior to V3.0) that catalogs four distinct vulnerabilities — including a high‑severity Accusoft ImageGear heap overflow and multiple web/application flaws — and urges immediate upgrades to V3.0 or later while...

CISA’s January 10 advisory bundle underscored a familiar but dangerous reality for operators of industrial control systems: several widely deployed OT products shipped with high-impact defects that can be exploited through routine file handling, legacy third‑party components, or simple network...

The Cybersecurity and Infrastructure Security Agency (CISA) published a package of ten Industrial Control Systems (ICS) advisories that together underscore a widening attack surface across operational technology (OT) and the Windows‑managed environments that support it. Background Industrial...

The AutomationDirect CLICK PLUS family of PLCs has been placed squarely in the spotlight after a U.S. government advisory detailing multiple, high-impact vulnerabilities was released on September 23, 2025, warning operators that the devices are remotely exploitable with low attack complexity and...

CISA’s September 18 bulletin published nine new Industrial Control Systems (ICS) advisories that affect a broad cross-section of OT vendors — from industrial networking stacks to remote terminal units, asset-management suites, machine-vision firmware, and industry-specific protocols —...