<p>CISA has added two new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation. </p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2022-20775" target="_blank">CVE-2022-20775</a> Cisco Catalyst SD-WAN Path Traversal Vulnerability&
<p><em>The purpose of this Alert is to provide resources for organizations with Cisco Software-Defined Wide-Area Networking (SD-WAN) systems, including Federal Civilian Executive Branch (FCEB) agencies, to address ongoing exploitation of multiple vulnerabilities. Notably, the Cybersecurity and Infrastructure Security Agency (CISA) has added </em><a href="https://www.cve.org/CVERecord?id=CVE-2026-20127" target="_blank"><em>CVE-2026-20127</em></a>
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en MasterSCADA BUK-TS de InSAT</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-25">Mié, 25/02/2026 - 09:26</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/inci
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en AC500 V3 de ABB</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-25">Mié, 25/02/2026 - 09:43</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert/avis
<p>CISA has added one new vulnerability to its <a href="/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecor
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control edge devices, access cloud-based devices and user information without authentication, and pivot to other edge devices managed in the Gardyn cloud environment.&
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Schneider Electric is aware of a vulnerability in EcoStruxure Building Operation Workstation and EcoStruxure Building Operation WebStation. [EcoStruxure Building Operation (EBO)](https://www.se.com/ww/en/product-range/62111-ecostruxure-building-operation-software/
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-055-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities may allow remote code execution.</strong></p> <p>The following versions of InSAT MasterSCADA BUK-TS are affected:</p> <ul> <li>MasterSCADA BUK-TS vers:all/* (CVE-2026-21410, CVE-2
<span class="field field--name-title field--type-string field--label-hidden">Escalada de privilegios en productos de TRUMPF</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-24">Mar, 24/02/2026 - 09:36</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert/avi
<p>CISA has added two new vulnerabilities to its <a href="/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERec
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en USR-W610 de Jinan USR IOT Technology Limited</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-20">Vie, 20/02/2026 - 09:44</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://w
<span class="field field--name-title field--type-string field--label-hidden">Limitación incorrecta a un directorio restringido en DNA Engineering Web Tools de Valmet</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-20">Vie, 20/02/2026 - 10:04</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a h
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en SmartServer IoT de EnOcean Edge Inc</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-20">Vie, 20/02/2026 - 09:11</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe
<span class="field field--name-title field--type-string field--label-hidden">Autenticación faltante para función crítica en OdorEyes EcoSystem de Welker</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-20">Vie, 20/02/2026 - 09:26</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access.</strong></p> <p>The following versions of Valmet DNA Engineering Web Tools are affec
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could result in authentication being disabled, a denial-of-service condition, or an attacker stealing valid user credentials, including administrator credentials.</strong></p> <p>The following versions of Ji
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in an over- or under-odorization event.</strong></p> <p>The following versions of Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller are affected:</p> <ul> <li>Odor
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and bypass ASLR.</strong></p> <p>The following versions of EnOcean SmartServer IoT are affected:</p> <ul> <li>SmartServer IoT &
Low<p>CISA has added two new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2021-22175" target="_blank">CVE-2021-22175</a> GitLab Server-Side Request Forgery (SSRF) Vulnerability</li> <li><a href="https://w
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en GE Vernova Enervista UR Setup</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-18">Mié, 18/02/2026 - 10:04</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/in
<span class="field field--name-title field--type-string field--label-hidden">Desbordamiento de búfer basado en pila en ASDA-Soft de Delta Electronics</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-18">Mié, 18/02/2026 - 09:35</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www
<span class="field field--name-title field--type-string field--label-hidden">Ausencia de autenticación en productos de CCTV de Honeywell</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-18">Mié, 18/02/2026 - 09:37</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/in
<p>CISA has added four new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2008-0015" target="_bla
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability may allow an attacker to write arbitrary data beyond the bounds of a stack-allocated buffer, leading to the corruption of a structured exception handler (SEH).</strong></p> <p>The following versions o
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise.</strong></p> &l
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities may allow code execution with elevated privileges.</strong></p> <p>The following versions of GE Vernova Enervista UR Setup are affected:</p> <ul> <li>Enervista UR Setup <8.
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could le
<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2026-1731" target="_blank" title="https://www.cve.org/cverecord?id=cve-2026-1731">CVE-2026-1731</a> BeyondTrust Remote Support (RS) a
<span class="field field--name-title field--type-string field--label-hidden">Carga de ficheros sin restricción en Airleader Master</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-13">Vie, 13/02/2026 - 09:40</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-c
<span class="field field--name-title field--type-string field--label-hidden">Credenciales predeterminadas en SuprOS de Hitachi Energy</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-13">Vie, 13/02/2026 - 09:51</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incib
<p>CISA has added four new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2024-43468" target="_bl
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-09.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Hitachi Energy is aware of a vulnerability that affects the SuprOS product versions listed in this document. An attacker successfully exploiting this vulnerability can cause confidentiality, integrity and availability impacts. Please refer to the Recommended Immed
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and r
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-06.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>SINEC OS before V3.3 contains third-party components with multiple vulnerabilities. Siemens has released new versions for the affected products and recommends to update to the latest versions.</strong></p> <p>The following versions of Siemens SIN
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-08.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Siemens NX is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in CGM format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or pot
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-10.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to obtain remote code execution.</strong></p> <p>The following versions of Airleader Master are affected:</p> <ul> <li>Airleader Master <=6.381 (CVE-20
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Polarion before V2506 contains a vulnerability that could allow authenticated remote attackers to conduct cross-site scripting attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions.</strong></
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-05.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Solid Edge uses PS/IGES Parasolid Translator Component that contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lea
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-07.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve full access to Webhooks API. Siemens has released new versions for the affected prod
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new version
Low<span class="field field--name-title field--type-string field--label-hidden">Denegación de servicio en PI Data Archive de AVEVA</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-11">Mié, 11/02/2026 - 10:23</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en productos de ZLAN Information Technology Co.</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-11">Mié, 11/02/2026 - 11:08</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://w
<span class="field field--name-title field--type-string field--label-hidden">Múltiples vulnerabilidades en productos de Schneider Electric</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-02-11">Mié, 11/02/2026 - 09:45</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/
<div class="OutlineElement Ltr SCXW169298289 BCX8"> <p>CISA has added six new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation. </p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2026-21510" target="_blank"><u>CVE-2026-21510</u></a> Microsoft Windows Shell Pro
<p>CISA released the guidance, <em>Barriers to Secure OT Communication: Why Johnny Can’t Authenticate</em>, which highlights the known issues with insecure-by-design legacy industrial protocols and seeks to understand why the technology to secure these protocols is not widely adopted. CISA developed this guidance in partnership with operational technology (OT) equipment manufacturers and standard development organizations, by interviewing OT asset owners and operators to unders
High<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-041-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could result in an attacker bypassing authentication, or resetting the device password.</strong></p> <p>The following versions of ZLAN Information Technology Co. ZLAN5143D are affected:</p> &
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsma-26-041-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to protected health information (PHI) or device telemetry.</strong></p> <p>The following versions of ZOLL ePCR IOS Mobile Application are affected:
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-041-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in an unauthorized access to the proxy server.</strong></p> <p>The following versions of AVEVA PI to CONNECT Agent are affected:</p> <ul> <li>PI to CONNECT Agent <
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-041-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in a denial-of-service condition.</strong></p> <p>The following versions of AVEVA PI Data Archive are affected:</p> <ul> <li>PI Data Archive PI Server <=2018_SP3_
Low<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-041-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to redirected users to malicious sites, decrypt communications, perform a man-in-the-middle (MITM) attack, execute malicious scripts, steal files, and perform other various attacks.</stron
Low