DOE Withdraws Sunset Provision NPRM

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that the DOE had withdrawn a notice of proposed rulemaking (NPRM) on “Zero-Based Regulating”. Interestingly, the notice reports that the NPRM was also submitted to OIRA yesterday; that probably means that this is just a temporary delay.

According to the Spring 2025 Unified Agenda entry for this rulemaking:

“The U.S. Department of Energy is considering initiating a proposed rule to amend the regulations that govern energy production to include a sunset provision in compliance with EO 14270 [link added], " Zero-Based Regulatory Budgeting To Unleash American Energy".”

FCC Sends PNT Solutions NPRM to OMB

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had received a notice of proposed rulemaking on “Promoting the Development of Positioning, Navigation, and Timing Technologies and Solutions, WT Docket No. 25-110”. The Commission requested comments on 25-110 via a public notice (not FR publication) on March 6^th, 2025.

According to the Spring 2025 Unified Agenda entry for this rulemaking:

“The proceeding seeks to build a record on specific actions the Federal Communications Commission can take to help develop complements and alternatives to the Global Positioning System (GPS) with the goal of ensuring robust and reliable Positioning, Navigation, and Timing (PNT) technologies and solutions.”

Because of the potential use of the ‘timing’ portion of this technology by SCADA (and other types of control) systems, I would expect to give some level of attention the publication of this rulemaking in this blog.

Review – Bills Introduced – 3-2-26

Yesterday, with the Senate in Washington and the House meeting in pro forma session, there were 22 bills introduced. Two of those bills will receive additional coverage in this blog:

HR 7744 Department of Homeland Security Appropriations Act, 2026 Cole, Tom [Rep.-R-OK-4] 

HR 7748 To enhance safety requirements for trains transporting hazardous materials, and for other purposes. Deluzio, Christopher R. [Rep.-D-PA-17]

 

For more information on these bills, including legislative history for similar bills in the 118^th Congress, as well as a mention in passing of a bill limiting institutional investor solicitations after major natural disasters, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-3-2-26 - subscription required.

Review – Public ICS Disclosures – Week of 2-21-26 – Part 2

For Part 2 we have seven additional vendor disclosures from Trumpf, VMware (2), Wireshark (3), and Zyxel. There are ten vendor updates from FortiGuard (3), Hitachi Energy, HP (2), Moxa, and Siemens (3). There are 14 researcher reports for products from Owl (11), and Tattile (3). Finally, we have two exploits for products from Supermicro and Tesla.

Advisories

Trumpf Advisory - CERT-VDE published an advisory that discusses a least privilege violation vulnerability in multiple Trumpf products.

VMware Advisory #1 - Broadcom published an advisory that describes four vulnerabilities in the VMware Workstation and Fusion products.

VMware Advisory #2 - Broadcom published an advisory that describes three vulnerabilities in the VMware Aria Operations product.

Wireshark Advisory #1 - Wireshark published an advisory that describes a buffer over-read vulnerability in their RF4CE Profile dissector.

Wireshark Advisory #2 - Wireshark published an advisory that describes a NULL pointer dereference vulnerability in their NTS-KE dissector.

Wireshark Advisory #3 - Wireshark published an advisory that describes an allocation of resources without limit or throttling vulnerability in their USB HID dissector.

Zyxel Advisory - Zyxel published an advisory that describes seven vulnerabilities in multiple Zyxel product lines.

Updates

FortiGuard Update #1 - FortiGuard published an update for their FortiOS advisory that was originally published on February 10^th, 2026.

FortiGuard Update #2 - FortiGuard published an update for their OpenSSL advisory that was originally published on January 30^th, 20276, and most recently updated on February 17^th, 2026.

FortiGuard Update #3 - FortiGuard published an update for their cw_acd daemon advisory that was originally published on January 13^th, 2026, and most recently updated on January 19^th, 2026.

Hitachi Energy Update - Hitachi Energy published an update for their RTU500 advisory that was originally published on April 30^th, 2024, and most recently updated on September 9^th, 2025.

HP Update #1 - HP published an update for their Intel Xeon Processor advisory that was originally published on October 29^th, 2025.

HP Update #2 - HP published an update for their AMD Embedded Processors advisory that was originally published on September 30^th, 2025.

Moxa Update #1 - Moxa published an update for their Ethernet Switches advisory that was originally published on January 9^th, 2026.

Moxa Update #2 - Moxa published an update for their EDS-P510 Series advisory that was originally published on November 8^th, 2025.

Siemens Update #1 - Siemens published an update for their SINEC OS advisory that was originally published on August 12^th, 2025, and most recently updated on February 12^th, 2026.

Siemens Update #2 - Siemens published an update for their SINEC OS advisory that was originally published on August 12^th, 2025, and most recently updated on February 12^th, 2026.

Siemens Update #3 - Siemens published an update for their SINEC OS advisory that was originally published on January 28^th, 2026.

Researcher Reports

Owl Reports - Nozomi Networks published 11 reports describing vulnerabilities in the Owl OPDS data diode solution.

Tattile Reports - Zero Science published three reports about vulnerabilities in Tattile Cameras.

Exploits

Supermicro Exploit - Indoushka published an exploit for an old (2013) improper restriction of operations within the bounds of a memory buffer vulnerability in the Supermicro Onboard IPMI X9SCL.

Tesla Exploit - Nullze published an exploit for a denial-of-service vulnerability in the Tesla S/3/X.

 

For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-5e6 - subscription required.

Chemical Incident Reporting – Week of 2-21-26

NOTE: See here for series background.

Cofield, NC – 2-21-26

Local News Report: Here, here, and here.

There was a grain silo explosion at a feed mill. One employee died and two were transported to local hospital. There is no mention of the level of damages to the facility.

CSB reportable.

Colton, CA – 2-25-26

Local News Report: Here, here, and here.

There was an explosion in a trailer containing hydrogen cylinders. One person was killed and one was transported to hospital with burn injuries. The first article reported that the trailer contained hydrogen fuel cells which may have included hydrogen cylinder if they were operational.

Possible CSB reportable. While a fire/explosion in a trailer in transit would be an NTSB matter, a trailer parked at a fixed facility with ongoing operations out of the trailer would be a fixed site under EPA/CSB rules.

Brookfield, WI – 2-25-26

Local News Report: Here, here, here, and here.

There was a refrigerant leak at a large retail store. The building was evacuated. No injuries or damages were reported.

Not CSB reportable.

Greenville, NC – 2-25-26

Local News Report: Here, here, and here.

There was an apparent carbon monoxide leak at a manufacturing facility. The facility was evacuated and 18 employees were transported to local hospitals. There is no reported source of CO at the facility.

Possible CSB reportable if any of the 18 were admitted to the hospital.

Memphis, TN – 2-26-26

Local News Report: Here and here.

There was an unidentified chemical spill at a package shipping hub. No injuries were reported.

Not CSB reportable.

Review – Public ICS Disclosures – Week of 2-21-26 - Part 1

We have a busy disclosure week. For Part 1 we have 17 vendor disclosures from ABB (2), Dell, Festo, Fujitsu, Hitachi (2), Hitachi Energy (3), HP (2), HPE (3), Sick, and Supermicro.

Advisories

ABB Advisory #1 - ABB published an advisory that discusses an insecure default initialization of resource vulnerability in their Automation Builder product.

ABB Advisory #2 - ABB published an advisory that discusses three vulnerabilities in their AC500 V3 products.

Dell Advisory - Dell published an advisory that describes four vulnerabilities in their Wyse Management Suite.

Festo Advisory - CERT-VDE published an advisory that 126 vulnerabilities in the Festo Automation Suite product. These are third-party (CODESYS) vulnerabilities.

Fujitsu Advisory - JP-CERT published an advisory that describes an out-of-bounds write vulnerability in the Fujitsu Fujitsu BIOS Driver.

Hitachi Advisory #1 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Configuration Manager and Ops Center API Configuration Manager products.

Hitachi Advisory #2 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Configuration Manager and Ops Center API Configuration Manager products.

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that describes four vulnerabilities (one with publicly available exploit) in their RTU500 series CMU Firmware.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes two vulnerabilities in their Relion REB500 Product.

Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses a deserialization of untrusted data vulnerability in their Ellipse product.

HP Advisory #1 - HP published an advisory that discusses four vulnerabilities (two with publicly available exploits) in their LaserJet Enterprise and LaserJet Managed Printers.

HP Advisory #2 - HP published an advisory that describes three improper check for unusual or exceptional conditions vulnerabilities in multiple product lines utilizing the Intel NPU driver.

HPE Advisory #1 - HPE published an advisory that describes an authentication bypass vulnerability in their AutoPass License Server (APLS).

HPE Advisory #2 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their ProLiant AMD DL/XL Servers.

HPE Advisory #3 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their SimpliVity Servers.

Sick Advisory - Sick published an advisory that describes two use of risky or broken cryptographic algorithm vulnerabilities in their LMS1000 and MRS1000 products.

Supermicro Advisory - Supermicro published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in multiple products.

 

For more information on these disclosures, including links to 3^rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-805 - subscription required.

Chemical Transportation Incidents – Week of 1-24-26

Reporting Background

See this post for explanation, with the most recent update here (removed from paywall).

Data from PHMSA’s online database of transportation related chemical incidents that have been reported to the agency.

Incidents Summary

• Number of incidents – 320 (288 highway, 29 air, 3 rail, 0 water)

• Serious incidents – 1 (1 Bulk release, 0 evacuation, 0 injury, 0 death, 1 major artery closed, 0 fire/explosion, 27 no release)

• Largest container involved – 27,312-gal DOT 111A100W5 Railcar {Hydrochloric Acid} Leaking pressure relief device.

• Largest amount spilled – 5,500-gal DOT 406 Trailer {Gasoline Includes Gasoline Mixed With Ethyl Alcohol, With Not More Than 10% Alcohol} Release due to roll-over truck accident.

• Total amount reported spilled in all incidents – 6595.7-gal

NOTE: Links above are to Form 5800.1 for the described incidents.

Most Interesting Chemical: Dimethyl Sulfide: A clear colorless to straw colored liquid with a disagreeable odor. Flash point less than 0°F. Less dense than water and slightly soluble in water. Vapors are heavier than air. (Source: CameoChemicals.NOAA.gov).