ot security

Delta Electronics’ CNCSoft‑G2 HMI has an urgent file‑parsing vulnerability — tracked as CVE‑2025‑58317 — that allows arbitrary code execution when a user opens a specially crafted file; the flaw is rated high severity (CVSS v3.1 ≈ 7.8, CVSS v4 ≈ 8.5) and affects builds prior to the vendor’s...

Hitachi Energy has published coordinated advisories and researchers disclosed three high‑severity vulnerabilities in TropOS 4th Gen that — in some cases — allow an authenticated, low‑privilege user on the device’s management network to run arbitrary OS commands and escalate to an unrestricted...

RaiseComm RAX701‑GC appliances used in industrial and carrier networks contain a remote SSH authentication‑bypass that can deliver an unauthenticated root shell to a network attacker — a high‑severity control‑plane compromise tracked as CVE‑2025‑11534 and called out in a U.S. Cybersecurity and...

Siemens has published a sweeping security advisory for SiPass integrated (all versions prior to V3.0) that catalogs four distinct vulnerabilities — including a high‑severity Accusoft ImageGear heap overflow and multiple web/application flaws — and urges immediate upgrades to V3.0 or later while...

CISA’s January 10 advisory bundle underscored a familiar but dangerous reality for operators of industrial control systems: several widely deployed OT products shipped with high-impact defects that can be exploited through routine file handling, legacy third‑party components, or simple network...

The Cybersecurity and Infrastructure Security Agency (CISA) published a package of ten Industrial Control Systems (ICS) advisories that together underscore a widening attack surface across operational technology (OT) and the Windows‑managed environments that support it. Background Industrial...

The AutomationDirect CLICK PLUS family of PLCs has been placed squarely in the spotlight after a U.S. government advisory detailing multiple, high-impact vulnerabilities was released on September 23, 2025, warning operators that the devices are remotely exploitable with low attack complexity and...

CISA’s September 18 bulletin published nine new Industrial Control Systems (ICS) advisories that affect a broad cross-section of OT vendors — from industrial networking stacks to remote terminal units, asset-management suites, machine-vision firmware, and industry-specific protocols —...

Hitachi Energy’s Service Suite is the subject of a high‑severity security advisory republished by vendor PSIRT and reflected in government guidance: a deserialization flaw tied to Oracle WebLogic (CVE‑2020‑2883) is implicated in the Service Suite advisory, and the combined risk profile is rated...

Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...

Westermo’s WeOS 5 series has a newly disclosed high‑severity vulnerability that deserves immediate attention from industrial network operators and Windows network teams responsible for OT‑IT convergence, because it can be used to inject operating‑system commands when an attacker can reach an...

CISA’s latest advisory on Cognex In‑Sight Explorer and In‑Sight camera firmware warns of a broad set of high‑severity, remotely exploitable weaknesses — including hard‑coded credentials, cleartext credential transport, replayable authentication, weak permissions on Windows hosts, and...

Dover Fueling Solutions’ ProGauge MagLink family is at the center of a critical industrial‑control security alert that should be on every fuel‑site operator’s incident response checklist today: the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a high‑severity advisory...

Schneider Electric has published coordinated advisories describing two OS command injection flaws in the BLMon monitoring console used by Saitel DR and Saitel DP Remote Terminal Units (RTUs), vulnerabilities that allow authenticated console users to inject and execute arbitrary shell commands...

Delta Electronics’ DIALink — a widely used industrial automation server — is the subject of a coordinated vulnerability disclosure that identifies two directory‑traversal / authentication‑bypass flaws (CVE‑2025‑58320 and CVE‑2025‑58321) affecting DIALink versions V1.6.0.0 and earlier, and urges...

Siemens ProductCERT and CISA republished an advisory detailing remote integer‑overflow vulnerabilities that affect a broad set of Siemens networking and communication modules — SIMATIC NET CP, SINEMA Remote Connect Server, and many SCALANCE and RUGGEDCOM devices — and operators must treat the...

Siemens has republished a critical advisory that pulls a spotlight back onto a cluster of high-severity Apache HTTP Server vulnerabilities found embedded inside several Siemens industrial networking products — most notably RUGGEDCOM NMS, SINEC NMS, and SINEMA family components — and is urging...

Siemens’ sprawling product portfolio remains at the center of a major, ongoing industrial‑security effort after a broad advisory—originally published by Siemens ProductCERT and republished by U.S. cyber authorities—relisted scores of SCALANCE, RUGGEDCOM, SIMATIC, SIMOTION, SIPLUS and related...

Siemens and upstream OpenSSL vulnerabilities that allow out-of-bounds reads — tracked under CVE-2021-3712 — remain a live operational risk across dozens of Siemens industrial networking, communications, and automation products; Siemens has published ProductCERT guidance and fixes for many...

CISA’s September 16, 2025 bulletin consolidates another urgent wave of Industrial Control Systems (ICS) security notices: eight advisories covering Schneider Electric, Hitachi Energy, Siemens, Delta Electronics and multiple Siemens product families, plus an update to a prior Schneider Galaxy...