CERT Advisories

Mitsubishi Electric FREQSHIP-mini for Windows

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to, modify, delete, or destroy information stored on the system where the affected product is installed, or cause a denial-of-service condition on the affected system.</stro

RISS SRL MOMA Seismic Station

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in an unauthenticated attacker creating a denial-of-service condition.</strong></p> <p>The following versions of RISS SRL MOMA Seismic Station are affected:</p> <ul> <li>MOMA Seis

Avation Light Engine Pro

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to take full control of the device.</strong></p> <p>The following versions of Avation Light Engine Pro are affected:</p> <ul> <li>Light Engine Pro vers:all/* (CVE-2026-

Synectix LAN 232 TRIO

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in an unauthenticated attacker modifying critical device settings or factory resetting the device.</strong></p> <p>The following versions of Synectix LAN 232 TRIO are affected:</p> <ul>

Critical

Ejecución de código en FREQSHIP-mini de Mitsubishi

<span class="field field--name-title field--type-string field--label-hidden">Ejecución de código en FREQSHIP-mini de Mitsubishi</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-03">Mar, 03/02/2026 - 09:35</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert

2d agoINCIBE-CERT

Ejecución remota de comandos en productos de Hikvision

<span class="field field--name-title field--type-string field--label-hidden">Ejecución remota de comandos en productos de Hikvision</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-02">Lun, 02/02/2026 - 10:06</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-

3d agoINCIBE-CERT

Ausencia de autenticación en la serie de codificadores de KiloView

<span class="field field--name-title field--type-string field--label-hidden">Ausencia de autenticación en la serie de codificadores de KiloView</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-30">Vie, 30/01/2026 - 10:13</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incib

6d agoINCIBE-CERT

Rockwell Automation ControlLogix

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.</strong></p> <p>The following versions of Rockwell Automation ControlLogix are affected:</p> <ul> <li>ControlLogix Redundancy En

Jan 29CISA Cybersecurity Advisories

Rockwell Automation ArmorStart LT

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.</strong></p> <p>The following versions of Rockwell Automation ArmorStart LT are affected:</p> <ul> <li>ArmorStart LT 290D &am

Jan 29CISA Cybersecurity Advisories

KiloView Encoder Series

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-029-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an unauthenticated attacker to create or delete administrator accounts, granting full administrative control.</strong></p> <p>The following versions of KiloView Encoder Series are affected:</p&gt

Jan 29CISA Cybersecurity Advisories

Asignación incorrecta de permisos en ibaPDA de iba Systems

<span class="field field--name-title field--type-string field--label-hidden">Asignación incorrecta de permisos en ibaPDA de iba Systems</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-29">Jue, 29/01/2026 - 09:21</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/inc

Jan 29INCIBE-CERT

Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858

<p>Newly disclosed vulnerability <a href="https://www.cve.org/CVERecord?id=CVE-2026-24858" target="_blank">Common Vulnerabilities and Exposures (CVE)-2026-24858</a> [<a href="https://cwe.mitre.org/data/definitions/288.html" target="_blank" title="CWE-288: Authentication Bypass Using an Alternate Path or Channel">Common Weakness Enumeration (CWE)-288: Authentication Bypass Using an Alternate Path or Channel</a>] allow

CVE-2026-24858

Jan 28CISA Cybersecurity Advisories

Múltiples vulnerabilidades en productos de Beckhoff

<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en productos de Beckhoff</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-28">Mié, 28/01/2026 - 10:02</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cer

Jan 28INCIBE-CERT

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecor

Schneider Electric Zigbee Products

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-027-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Schneider Electric is aware of multiple vulnerabilities with EmberZNet disclosed by Silicon Labs. Many vendors, including Schneider Electric, use Silicon Labs’ Zigbee processors in their offers. The following have denial of service vulnerabilities: Wiser iTRV, Wis

Festo Didactic SE MES PC

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-027-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time to time, vulnerabilities in these applications are discovered. These

Johnson Controls Products

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-027-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in remote SQL execution, leading to alteration or loss of data.</strong></p> <p>The following versions of Johnson Controls Products are affected:</p> <ul> <li>Applicatio

Jan 26CISA Cybersecurity Advisories

CISA Adds Five Known Exploited Vulnerabilities to Catalog

<p>CISA has added five new vulnerabilities to its <a href="/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERe

CISA Adds One Known Exploited Vulnerability to Catalog

<div class="OutlineElement Ltr SCXW240314876 BCX8"> <p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation. </p> </div> <div class="ListContainerWrapper SCXW240314876 BCX8"> <ul> <li><a class="Hyperlink SCXW240314876 BCX8&quo

Jan 23CISA Cybersecurity Advisories

Product Categories for Technologies That Use Post-Quantum Cryptography Standards

<h2><strong>Executive Summary</strong></h2> <p>In response to the June 6, 2025, Executive Order (EO) 14306, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144,” the Cybersecurity and Infrastructure Security Agency (CISA) is providing and regularly updating the below lists to aid in post-quantum cryptography (PQC) adoption. The lists include hardware and software categories with example typ

Jan 23CISA Cybersecurity Advisories

Omisión de autorización en hubs de Hubitat Elevation

<span class="field field--name-title field--type-string field--label-hidden">Omisión de autorización en hubs de Hubitat Elevation</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-23">Vie, 23/01/2026 - 10:19</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-ce

Jan 23INCIBE-CERT

Múltiples vulnerabilidades en productos Weintek

<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en productos Weintek</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-23">Vie, 23/01/2026 - 10:58</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert/av

Jan 23INCIBE-CERT

Desbordamiento de búfer basado en pila en iSTAR de Johnson Controls

<span class="field field--name-title field--type-string field--label-hidden">Desbordamiento de búfer basado en pila en iSTAR de Johnson Controls</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-23">Vie, 23/01/2026 - 09:45</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.inci

Jan 23INCIBE-CERT

CISA Adds Four Known Exploited Vulnerabilities to Catalog

<p>CISA has added four new vulnerabilities to its <a href="/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERe

Hubitat Elevation Hubs

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-06.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an authenticated attacker to escalate their privileges and control devices outside of their authorized scope.</strong></p> <p>The following versions of Hubitat Elevation Hubs are affected:

AutomationDirect CLICK Programmable Logic Controller

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to impersonate users, escalate privileges, gain unauthorized access to systems and services, and decrypt sensitive data.</strong></p> <p>The following versions of Automation

Johnson Controls Inc. iSTAR Configuration Utility (ICU) tool

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to cause a failure within the operating system of the machine hosting the ICU tool.</strong></p> <p>The following versions of Johnson Controls Inc. iSTAR Configuration Utility

Delta Electronics DIAView

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-07.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could enable an attacker to execute arbitrary code.</strong></p> <p>The following versions of Delta Electronics DIAView are affected:</p> <ul> <li>DIAView (CVE-2026-0975)</li>

CVE-2026-0975

Weintek cMT X Series HMI EasyWeb Service

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-05.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow a low-level user to alter privileges and gain full control to the device.</strong></p> <p>The following versions of Weintek cMT X Series HMI EasyWeb Service are affected:</p> <

EVMAPA

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-08.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could lead to degraded service, a denial-of-service, or unauthorized remote command execution, which could lead to spoofing or a manipulation of charging station statuses.</strong></p> <p>The follo

Schneider Electric EcoStruxure Process Expert

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Schneider Electric is aware of a vulnerability in its EcoStruxureTM Process and EcoStruxure™ Process Expert for AVEVA System Platform products. The EcoStruxureTM Process is a single automation system to engineer, operate, and maintain your entire infrastructure fo

Rockwell Automation CompactLogix 5370

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition.</strong></p> <p>The following versions of Rockwell Automation CompactLogix 5370 are affected:</p> <ul> <li>CompactLogi

Jan 21CISA Cybersecurity Advisories

Múltiples vulnerabilidades en MedDream PACS Premium

<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en MedDream PACS Premium</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-22">Jue, 22/01/2026 - 09:22</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cer

Jan 22INCIBE-CERT

CISA Adds One Known Exploited Vulnerability to Catalog

Múltiples vulnerabilidades en productos de Rockwell Automation

<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en productos de Rockwell Automation</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-21">Mié, 21/01/2026 - 11:13</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es

Jan 21INCIBE-CERT

Schneider Electric devices using CODESYS Runtime

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-020-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Schneider Electric is aware of multiple vulnerabilities disclosed on CODESYS runtime system V3 communication server. Many vendors, including Schneider Electric, embed CODESYS in their offers. If successfully exploited, these vulnerabilities could result in a denia

Jan 20CISA Cybersecurity Advisories

Rockwell Automation Verve Asset Manager

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-020-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities may allow an attacker to access sensitive information stored in variables within the ADI server.</strong></p> <p>The following versions of Rockwell Automation Verve Asset Manager are affected:</