CERT Advisories

Official advisories from CERTs and security teams

Festo Firmware

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation to some extent. Update A, 2022-12-13 Added affected device "Bus modu

2d ago · CISA Cybersecurity Advisories

Schneider Electric EcoStruxure Power Build Rapsody

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-10.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Schneider Electric is aware of a vulnerability in its EcoStruxure Power Build Rapsody software. The [EcoStruxure Power Build Rapsody](https://www.se.com/ww/en/product-country-selector/?pageType=product-range&amp;sourceId=2309) is used to enter or import the single line

2d ago · CISA Cybersecurity Advisories

Siemens Industrial Edge Devices

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-08.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Siemens Industrial Edge Devices contain an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Siemens has released new versions for several affected products and recomme

2d ago · CISA Cybersecurity Advisories

Siemens SINEC Security Monitor

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-06.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>SINEC Security Monitor before V4.10.0 contains multiple vulnerabilities. Siemens has released a new version for SINEC Security Monitor and recommends to update to the latest version.</strong></p> <p>The following versions of Siemens SINEC Security Monitor

Low
2d ago · CISA Cybersecurity Advisories

Siemens Industrial Edge Device Kit

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-09.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices (for Siemens Industrial Edge devices see Additional Information). Industrial Edge Device Kit contains an authorization bypass vulnerability that could facilitate an

2d ago · CISA Cybersecurity Advisories

Siemens SIMATIC and SIPLUS products

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Siemens ET 200SP contains a denial-of-service vulnerability that could be triggered by sending a valid S7 protocol Disconnect Request (COTP DR TPDU), causing the device to become unresponsive and require a power cycle to recover. Siemens has released new versions for severa

2d ago · CISA Cybersecurity Advisories

Siemens TeleControl Server Basic

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges. Siemens has released a new version for TeleControl Server Basic and recommends to update to the latest v

Low
2d ago · CISA Cybersecurity Advisories

Siemens RUGGEDCOM ROS

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-05.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device. Siemens has released new versions for the affected products and recommends to update to the latest versions.</strong></p> <

Low
2d ago · CISA Cybersecurity Advisories

AVEVA Process Optimization

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could enable an attacker to execute remote code, perform SQL injection, escalate privileges, or access sensitive information.</strong></p> <p>The following versions of AVEVA Process Optimization are affected

Low
1d ago · CISA Cybersecurity Advisories

Hitachi Energy AFS, AFR and AFF Series

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-350-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could compromise the integrity of the product data and disrupt its availability.</strong></p> <p>The following versions of Hitachi Energy AFS, AFR and AFF Series are affected:</p> <ul> <li>AFS

Low
Dec 16 · CISA Cybersecurity Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" title=" Known Exploited Vulnerabilities (KEV) Catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2025-59718" target="_blank" title="CVE-2025-59718" data-entity-type="external"><u>CVE-2025-59718</u>&l

CVE-2025-59718
Dec 16 · CISA Cybersecurity Advisories

Johnson Controls PowerG, IQPanel and IQHub

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-350-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack.</strong></p> <p>The following versions of Johnson Controls PowerG, IQPanel and IQHub are affected:</p> <ul>

Low
Dec 16 · CISA Cybersecurity Advisories

CISA Adds Three Known Exploited Vulnerabilities to Catalog

<p>CISA has added three new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" title="Known Exploited Vulnerabilities (KEV) Catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2025-20393" target="_blank" title="CVE-2025-20393" data-entity-type="external"><u>CVE-2025-20393</u&gt

CVE-2025-20393
Dec 17 · CISA Cybersecurity Advisories

Advantech WebAccess/SCADA

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-06.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an authenticated attacker to read or modify a remote database.</strong></p> <p>The following versions of Advantech WebAccess/SCADA are affected:</p> <ul> <li>WebAccess/SCADA (CV

Low
Dec 18 · CISA Cybersecurity Advisories

Axis Communications Camera Station Pro, Camera Station, and Device Manager

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-08.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code, executing a man-in-middle style attack, or bypass authentication.</strong></p> <p>The following versions of Axis Communications Camera Station Pro, Camer

Low
Dec 18 · CISA Cybersecurity Advisories

Inductive Automation Ignition

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to be granted direct SYSTEM-level code execution on the host operating system running the Ignition Gateway service on Windows systems.</strong></p> <p>The following versions of Inductive

Low
Dec 18 · CISA Cybersecurity Advisories

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in denial-of-service (DoS), information tampering, and information disclosure.</strong></p> <p>The following versions of Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Produ

Low
Dec 18 · CISA Cybersecurity Advisories

Schneider Electric EcoStruxure Foxboro DCS Advisor

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Schneider Electric is aware of a vulnerability disclosed by Microsoft in the Microsoft Windows Server Update Services (WSUS) used in the EcoStruxure™ Foxboro DCS Advisor services. The EcoStruxure™ Foxboro DCS Advisor, an optional component of the [EcoStruxure™ Foxboro DCS s

Dec 18 · CISA Cybersecurity Advisories

CISA Releases Nine Industrial Control Systems Advisories

<div class="OutlineElement Ltr SCXW237618995 BCX8"> <p>CISA released nine Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. </p> </div> <div class="ListContainerWrapper SCXW237618995 BCX8"> <ul> <li>ICSA-25-352-01 <a href="https://www.cisa.gov/news-events/ics-advisories/icsa-25-352-01" title="Inductive Automation Ignition" data

Dec 18 · CISA Cybersecurity Advisories

Rockwell Automation Micro820, Micro850, Micro870

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-07.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could result in a denial-of-service condition.</strong></p> <p>The following versions of Rockwell Automation Micro820, Micro850, Micro870 are affected:</p> <ul> <li>Micro820 (CVE-2025-13823

CVE-2025-13823
Low
Dec 18 · CISA Cybersecurity Advisories

Siemens Interniche IP-Stack

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-05.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Multiple Industrial products are affected by a vulnerability in the Interniche IP-Stack. The affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote att

Low
Dec 18 · CISA Cybersecurity Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" title=" Known Exploited Vulnerabilities (KEV) Catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2025-14733" target="_blank" title="CVE-2025-14733" data-entity-type="external"><u>CVE-2025-14733</u>&l

CVE-2025-14733
Dec 19 · CISA Cybersecurity Advisories

CISA and Partners Release Update to Malware Analysis Report BRICKSTORM Backdoor

<p>Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security released an update to the <a href="https://www.cisa.gov/news-events/analysis-reports/ar25-338a" title=" BRICKSTORM Backdoor ">Malware Analysis Report BRICKSTORM Backdoor </a>with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples. This update provides information on additional samples, including Rust-base

Dec 19 · CISA Cybersecurity Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" title=" Known Exploited Vulnerabilities (KEV) Catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2023-52163" target="_blank" title="CVE-2023-52163" data-entity-type="external"><u>CVE-2023-52163</u>&l

CVE-2023-52163
Dec 22 · CISA Cybersecurity Advisories

NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment

<div class="OutlineElement Ltr SCXW219688596 BCX8"> <p>The Cybersecurity and Infrastructure Security Agency (CISA) and<strong> </strong>National Institute of Standards and Technology (NIST) have released an initial draft of Interagency Report (IR) 8597 <a href="https://www.cisa.gov/resources-tools/resources/protecting-tokens-and-assertions-forgery-theft-and-misuse" title="Resource page" data-entity-type="node" data-entity-uuid="1bc1d50d-82aa-483f-9e22-243f4f996a81" dat

Dec 22 · CISA Cybersecurity Advisories

CISA Releases One Industrial Control Systems Advisory

<p>CISA released one Industrial Control Systems (ICS) Advisory. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. </p> <ul> <li>ICSA-25-177-01 <a href="https://www.cisa.gov/news-events/ics-advisories/icsa-25-177-01" title="Mitsubishi Electric Air Conditioning Systems (Update B)" data-entity-type="node" data-entity-uuid="d2ebe6a2-bde8-4757-bfbb-e00d6cbcc3be" data-entity-substitution="canoni

Dec 23 · CISA Cybersecurity Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2025-14847" target="_blank" data-entity-type="external"><u>CVE-2025-14847</u></a> MongoDB and MongoDB Server Improper Handling of Length Parameter Inco

CVE-2025-14847
Dec 29 · CISA Cybersecurity Advisories

WHILL Model C2 Electric Wheelchairs and Model F Power Chairs

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsma-25-364-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker within Bluetooth range to take control over the product.</strong></p> <p>The following versions of WHILL Model C2 Electric Wheelchairs and Model F Power Chairs are affected:</p> &

Low
Dec 30 · CISA Cybersecurity Advisories

CISA Releases Two Industrial Control Systems Advisories

<div class="OutlineElement Ltr SCXW260042838 BCX8"> <p>CISA released two Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. </p> <ul> <li>ICSA-25-364-01: <a href="https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-364-01" data-entity-type="node" data-entity-uuid="c2bdda08-9044-49c0-b966-20c5433fd29f" data-entity-substitution="

Dec 30 · CISA Cybersecurity Advisories

Columbia Weather Systems MicroServer

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-26-006-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to redirect connections to an attacker controlled device, gain admin access to the web portal, or gain limited shell access.</strong></p> <p>The following versions of Columbia Weather

Low
Jan 6 · CISA Cybersecurity Advisories

CISA Adds Two Known Exploited Vulnerabilities to Catalog

<div class="OutlineElement Ltr SCXW177556402 BCX8"> <p>CISA has added two new vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog"><u>Known Exploited Vulnerabilities (KEV) Catalog</u></a>, based on evidence of active exploitation. </p> <ul&

Jan 7 · CISA Cybersecurity Advisories

Hitachi Energy Asset Suite

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-008-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Hitachi Energy is aware of a Jasper Report vulnerability that affects the Asset Suite product versions mentioned in this document below. This vulnerability can be exploited to carry out remote code execution (RCE) attack on the product. Please refer to the Recommended Immed

Low
Jan 8 · CISA Cybersecurity Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation. </p> <ul> <li><a href="https://www.cve.o

4d ago · CISA Cybersecurity Advisories

YoSmart YoLink Smart Hub

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-013-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow an attacker to remotely control other users' smart home devices, intercept sensitive data, and hijack sessions.</strong></p> <p>The following versions of YoSmart YoLink Smart Hub are affected:&lt

Low
3d ago · CISA Cybersecurity Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/CVERecord?id=CVE-2026-20805" target="_blank

CVE-2026-20805
3d ago · CISA Cybersecurity Advisories

Rockwell Automation FactoryTalk DataMosaix Private Cloud

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-013-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to perform unauthorized sensitive database operations.</strong></p> <p>The following versions of Rockwell Automation FactoryTalk DataMosaix Private Cloud are affected:</p> <ul&g

Low
3d ago · CISA Cybersecurity Advisories

Rockwell Automation 432ES-IG3 Series A

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-013-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could result in a denial-of-service condition.</strong></p> <p>The following versions of Rockwell Automation 432ES-IG3 Series A are affected:</p> <ul> <li>432ES-IG3 Series A (CVE-2025-9368)&lt

CVE-2025-9368
Low
3d ago · CISA Cybersecurity Advisories

Missing authentication in WHILL electric wheelchairs

<span class="field field--name-title field--type-string field--label-hidden">Missing authentication in WHILL electric wheelchairs</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-02">Fri, 02/01/2026 - 09:17</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe

Jan 2 · INCIBE-CERT

Multiple vulnerabilities in Moxa products

<span class="field field--name-title field--type-string field--label-hidden">Multiple vulnerabilities in Moxa products</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-02">Fri, 02/01/2026 - 09:50</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert/av

Jan 2 · INCIBE-CERT

Multiple vulnerabilities in ABB WebPro SNMP Card PowerValue

<span class="field field--name-title field--type-string field--label-hidden">Multiple vulnerabilities in ABB WebPro SNMP Card PowerValue</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-08">Thu, 08/01/2026 - 10:01</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.

Jan 8 · INCIBE-CERT

Multiple vulnerabilities in Mitsubishi Electric products

<span class="field field--name-title field--type-string field--label-hidden">Multiple vulnerabilities in Mitsubishi Electric products</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-08">Thu, 08/01/2026 - 12:34</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es

Jan 8 · INCIBE-CERT

Siemens security advisories for January 2026

<span class="field field--name-title field--type-string field--label-hidden">Siemens security advisories for January 2026</span> <span class="field field--name-created field--type-created field--label-hidden"><time class="datetime" datetime="2026-01-12">Mon, 12/01/2026 - 10:10</time> </span> <div class="field field--name-field-tipos-de-avisos field--type-entity-reference field--label-hidden field__item"><a href="https://www.incibe.es/incibe-cert/av

4d ago · INCIBE-CERT