scada security

In the ever-evolving landscape of industrial automation and control systems, the security of software platforms used for programming programmable logic controllers (PLCs) is paramount. Delta Electronics’ ISPSoft, a widely deployed development suite for configuring and managing Delta PLCs...

Rockwell Automation's ThinManager platform has long been regarded as a robust solution in the realm of industrial automation, providing centralized management of thin clients and session-based environments for critical manufacturing infrastructure worldwide. Yet, the discovery of two significant...

On April 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) took significant action by publishing three new advisories targeting vulnerabilities in Industrial Control Systems (ICS)—a sector that forms the backbone of critical national infrastructure. While ICS technologies...

The growing intersection of operational technology (OT) and traditional IT infrastructure has been highlighted once again through recent advisories from the Cybersecurity and Infrastructure Security Agency (CISA), specifically targeting Schneider Electric’s widely used Modicon controllers. As...

Schneider Electric’s ConneXium Network Manager: How End-of-Life ICS Vulnerabilities Put Critical Infrastructure at Risk Schneider Electric’s ConneXium Network Manager, once the beating heart of industrial network management, now finds itself at the epicenter of a sobering cybersecurity...

Schneider Electric has long been recognized as a leader in industrial automation and energy management. However, its widespread deployment in critical infrastructure sectors means security flaws in its products are not simply IT issues—they're converging with the heart of global operational...

As ICS vulnerabilities steadily march up the agenda of national security, critical infrastructure, and enterprise risk management, the release of thirteen new advisories by CISA on March 13, 2025, arrives as both a technical warning and an urgent call to action for IT, OT, and Windows...

The escalating interplay between operational technology and the digital world has made critical infrastructure—not to mention the everyday technology underpinning it—a battleground for cyberthreats. Few advisories capture this more vividly than the latest disclosure by the Cybersecurity and...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently drawn attention to a wave of critical vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs)—devices that form a backbone in industrial automation globally. These vulnerabilities...

In the world of industrial cybersecurity, every new advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) reads as both a technical bulletin and a stark warning. This is certainly true with the recent CISA alert centered on vulnerabilities within Subnet Solutions Inc.’s...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a high-severity advisory concerning Siemens Industrial Edge Devices, signaling one of the most consequential authentication bypass vulnerabilities in the industrial control system (ICS) domain to date. Siemens, a...

Amid rising global threats targeting industrial control systems (ICS), a cluster of security vulnerabilities discovered in Hitachi Energy’s RTU500 series has captured the attention of critical infrastructure operators worldwide. With the U.S. Cybersecurity and Infrastructure Security Agency...

The list of vulnerabilities recently disclosed in B&R’s APROL industrial automation platform reads like a what’s-what of cybersecurity risks facing critical infrastructure systems today. This advisory, released by CISA and tracked under ICSA-25-093-05, not only highlights the diversity of...

The latest security advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on the Rockwell Automation 440G TLS-Z safety device brings to the forefront a set of vulnerabilities that could have substantial repercussions for industrial networks and critical infrastructure...

In an era where the security and reliability of our physical infrastructure are increasingly interwoven with digital systems, every new advisory concerning industrial control systems (ICS) carries a weight that resonates far beyond the world of cybersecurity professionals. On March 20, 2025, the...

Schneider Electric Uni-Telway Driver Vulnerability: What It Means for Critical Infrastructure and Enterprise Security Schneider Electric’s technologies are deeply woven into the fabric of industrial environments worldwide, from energy and manufacturing plants to commercial facilities. When a...

In a year when AI is penning limericks, coffee machines are joining botnets, and your car wants to update its firmware more often than your laptop, the CISA has dropped a fresh batch of seven advisories aimed straight at the pulse of Industrial Control Systems (ICS). If you’re in charge of...

If you’re running critical infrastructure with Schneider Electric Modicon controllers and you slept well last night, it’s probably because you missed the latest vulnerability roundup. The risk profile for Modicon M580, M340, Premium, Quantum, and a grab bag of others has reached that rarefied...

When a security advisory opens with a CVSS v4 score of 8.7, a low attack complexity, and the warning "exploitable remotely," you'd almost hope they're discussing an outdated video game console, not high-powered ABB MV Drives quietly spinning away in the world's critical infrastructure. Yet, here...

If you’re a fan of gray industrial boxes, blinking lights, and the invisible hand that puppeteers much of the world’s infrastructure, then Siemens TeleControl Server Basic might be right up your alley. Or, at least, it was—until a parade of high-severity SQL injection vulnerabilities marched...