ot security

Schneider Electric and AVEVA have confirmed a high‑severity cryptographic weakness that exposes password hashes inside Edge project and offline cache files — CVE‑2025‑9317 — and Schneider Electric has released patches for EcoStruxure Machine SCADA Expert and Pro‑face BLUE Open Studio; operators...

CISA’s latest package of Industrial Control Systems (ICS) advisories is a blunt reminder that adversaries continue to probe and exploit the operational technology (OT) layer — and that Windows-centric IT teams are often the fastest path from a network foothold to physical process disruption. The...

Rockwell Automation has released a security advisory confirming a serious access-control vulnerability in Verve Asset Manager that lets read-only API users perform administrative actions on user accounts — including reading, updating, and deleting users. Tracked as CVE-2025-11862, the bug is...

AVEVA’s Edge HMI/SCADA tool has a new, high‑impact vulnerability that shifts the conversation from “can project files be tampered with?” to “can project files leak live credentials?” — and the short answer is yes, unless operators act now to apply the vendor fix and harden access to project...

Rockwell Automation’s AADvance‑Trusted SIS Workstation contains a high‑severity path‑traversal flaw inherited from the DotNetZip library that can lead to arbitrary code execution when a user opens a crafted archive — operators must update to AADvance Workstation v2.01.00 or later and apply...

Delta Electronics’ CNCSoft‑G2 HMI has an urgent file‑parsing vulnerability — tracked as CVE‑2025‑58317 — that allows arbitrary code execution when a user opens a specially crafted file; the flaw is rated high severity (CVSS v3.1 ≈ 7.8, CVSS v4 ≈ 8.5) and affects builds prior to the vendor’s...

Hitachi Energy has published coordinated advisories and researchers disclosed three high‑severity vulnerabilities in TropOS 4th Gen that — in some cases — allow an authenticated, low‑privilege user on the device’s management network to run arbitrary OS commands and escalate to an unrestricted...

RaiseComm RAX701‑GC appliances used in industrial and carrier networks contain a remote SSH authentication‑bypass that can deliver an unauthenticated root shell to a network attacker — a high‑severity control‑plane compromise tracked as CVE‑2025‑11534 and called out in a U.S. Cybersecurity and...

Siemens has published a sweeping security advisory for SiPass integrated (all versions prior to V3.0) that catalogs four distinct vulnerabilities — including a high‑severity Accusoft ImageGear heap overflow and multiple web/application flaws — and urges immediate upgrades to V3.0 or later while...

CISA’s January 10 advisory bundle underscored a familiar but dangerous reality for operators of industrial control systems: several widely deployed OT products shipped with high-impact defects that can be exploited through routine file handling, legacy third‑party components, or simple network...

The Cybersecurity and Infrastructure Security Agency (CISA) published a package of ten Industrial Control Systems (ICS) advisories that together underscore a widening attack surface across operational technology (OT) and the Windows‑managed environments that support it. Background Industrial...

The AutomationDirect CLICK PLUS family of PLCs has been placed squarely in the spotlight after a U.S. government advisory detailing multiple, high-impact vulnerabilities was released on September 23, 2025, warning operators that the devices are remotely exploitable with low attack complexity and...

CISA’s September 18 bulletin published nine new Industrial Control Systems (ICS) advisories that affect a broad cross-section of OT vendors — from industrial networking stacks to remote terminal units, asset-management suites, machine-vision firmware, and industry-specific protocols —...

Hitachi Energy’s Service Suite is the subject of a high‑severity security advisory republished by vendor PSIRT and reflected in government guidance: a deserialization flaw tied to Oracle WebLogic (CVE‑2020‑2883) is implicated in the Service Suite advisory, and the combined risk profile is rated...

Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...

Westermo’s WeOS 5 series has a newly disclosed high‑severity vulnerability that deserves immediate attention from industrial network operators and Windows network teams responsible for OT‑IT convergence, because it can be used to inject operating‑system commands when an attacker can reach an...

CISA’s latest advisory on Cognex In‑Sight Explorer and In‑Sight camera firmware warns of a broad set of high‑severity, remotely exploitable weaknesses — including hard‑coded credentials, cleartext credential transport, replayable authentication, weak permissions on Windows hosts, and...

Dover Fueling Solutions’ ProGauge MagLink family is at the center of a critical industrial‑control security alert that should be on every fuel‑site operator’s incident response checklist today: the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a high‑severity advisory...

Schneider Electric has published coordinated advisories describing two OS command injection flaws in the BLMon monitoring console used by Saitel DR and Saitel DP Remote Terminal Units (RTUs), vulnerabilities that allow authenticated console users to inject and execute arbitrary shell commands...

Delta Electronics’ DIALink — a widely used industrial automation server — is the subject of a coordinated vulnerability disclosure that identifies two directory‑traversal / authentication‑bypass flaws (CVE‑2025‑58320 and CVE‑2025‑58321) affecting DIALink versions V1.6.0.0 and earlier, and urges...