plc cybersecurity

About this tag
The plc cybersecurity tag on WindowsForum.com covers discussions about securing programmable logic controllers (PLCs) in industrial environments. Recent content includes a critical stack buffer overflow vulnerability (CVE-2025-15467) in ABB AC500 V3 PLCs, affecting firmware versions 3.9.0 and 3.9.0_HF1, with a fix in firmware 3.9.0 HF1. Topics emphasize patching, verifying firmware builds, and treating exposed PLCs as high-priority assets. The tag focuses on industrial control system (ICS) security, vulnerability disclosures, and remediation strategies for PLCs, particularly in the context of Windows-based engineering workstations and network integration.
  1. ABB AC500 V3 Critical Stack Overflow (CVE-2025-15467): Firmware 3.9.0 HF1 Fix

    ABB’s AC500 V3 PLC line has a critical stack buffer overflow in its Cryptographic Message Syntax parsing path, disclosed by ABB on March 12, 2026 and republished by CISA on May 12, 2026, affecting AC500 V3 PM5xxx firmware 3.9.0 and 3.9.0_HF1. The fix is AC500 V3 firmware 3.9.0 HF1, but the...