Saturday, February 28, 2026

Chemical Incident Reporting – Week of 2-21-26

NOTE: See here for series background.

Cofield, NC – 2-21-26

Local News Report: Here, here, and here.

There was a grain silo explosion at a feed mill. One employee died and two were transported to a local hospital. There is no mention of the level of damages to the facility.

CSB reportable.

Colton, CA – 2-25-26

Local News Report: Here, here, and here.

There was an explosion in a trailer containing hydrogen cylinders. One person was killed and one was transported to hospital with burn injuries. The first article reported that the trailer contained hydrogen fuel cells, which may have included hydrogen cylinders if they were operational.

Possible CSB reportable. While a fire/explosion in a trailer in transit would be an NTSB matter, a trailer parked at a fixed facility with ongoing operations out of the trailer would be a fixed site under EPA/CSB rules.

Brookfield, WI – 2-25-26

Local News Report: Here, here, here, and here.

There was a refrigerant leak at a large retail store. The building was evacuated. No injuries or damages were reported.

Not CSB reportable.

Greenville, NC – 2-25-26

Local News Report: Here, here, and here.

There was an apparent carbon monoxide leak at a manufacturing facility. The facility was evacuated and 18 employees were transported to local hospitals. There is no reported source of CO at the facility.

Possible CSB reportable if any of the 18 were admitted to the hospital.

Memphis, TN – 2-26-26

Local News Report: Here and here.

There was an unidentified chemical spill at a package shipping hub. No injuries were reported.

Not CSB reportable.

Review – Public ICS Disclosures – Week of 2-21-26 - Part 1

We have a busy disclosure week. For Part 1 we have 17 vendor disclosures from ABB (2), Dell, Festo, Fujitsu, Hitachi (2), Hitachi Energy (3), HP (2), HPE (3), Sick, and Supermicro.

Advisories

ABB Advisory #1 - ABB published an advisory that discusses an insecure default initialization of resource vulnerability in their Automation Builder product.

ABB Advisory #2 - ABB published an advisory that discusses three vulnerabilities in their AC500 V3 products.

Dell Advisory - Dell published an advisory that describes four vulnerabilities in their Wyse Management Suite.

Festo Advisory - CERT-VDE published an advisory that discusses 126 vulnerabilities in the Festo Automation Suite product. These are third-party (CODESYS) vulnerabilities.

Fujitsu Advisory - JP-CERT published an advisory that describes an out-of-bounds write vulnerability in the Fujitsu BIOS Driver.

Hitachi Advisory #1 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Configuration Manager and Ops Center API Configuration Manager products.

Hitachi Advisory #2 - Hitachi published an advisory that describes an insertion of sensitive information into a log file vulnerability in their Configuration Manager and Ops Center API Configuration Manager products.

Hitachi Energy Advisory #1 - Hitachi Energy published an advisory that describes four vulnerabilities (one with publicly available exploit) in their RTU500 series CMU Firmware.

Hitachi Energy Advisory #2 - Hitachi Energy published an advisory that describes two vulnerabilities in their Relion REB500 Product.

Hitachi Energy Advisory #3 - Hitachi Energy published an advisory that discusses a deserialization of untrusted data vulnerability in their Ellipse product.

HP Advisory #1 - HP published an advisory that discusses four vulnerabilities (two with publicly available exploits) in their LaserJet Enterprise and LaserJet Managed Printers.

HP Advisory #2 - HP published an advisory that describes three improper check for unusual or exceptional conditions vulnerabilities in multiple product lines utilizing the Intel NPU driver.

HPE Advisory #1 - HPE published an advisory that describes an authentication bypass vulnerability in their AutoPass License Server (APLS).

HPE Advisory #2 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their ProLiant AMD DL/XL Servers.

HPE Advisory #3 - HPE published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in their SimpliVity Servers.

Sick Advisory - Sick published an advisory that describes two use of risky or broken cryptographic algorithm vulnerabilities in their LMS1000 and MRS1000 products.

Supermicro Advisory - Supermicro published an advisory that discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in multiple products.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-805 - subscription required.

Friday, February 27, 2026

Chemical Transportation Incidents – Week of 1-24-26

Reporting Background

See this post for explanation, with the most recent update here (removed from paywall).

Data from PHMSA’s online database of transportation related chemical incidents that have been reported to the agency.

Incidents Summary

• Number of incidents – 320 (288 highway, 29 air, 3 rail, 0 water)

• Serious incidents – 1 (1 Bulk release, 0 evacuation, 0 injury, 0 death, 1 major artery closed, 0 fire/explosion, 27 no release)

• Largest container involved – 27,312-gal DOT 111A100W5 Railcar {Hydrochloric Acid} Leaking pressure relief device.

• Largest amount spilled – 5,500-gal DOT 406 Trailer {Gasoline Includes Gasoline Mixed With Ethyl Alcohol, With Not More Than 10% Alcohol} Release due to roll-over truck accident.

• Total amount reported spilled in all incidents – 6595.7-gal

NOTE: Links above are to Form 5800.1 for the described incidents.

Most Interesting Chemical: Dimethyl Sulfide: A clear colorless to straw colored liquid with a disagreeable odor. Flash point less than 0°F. Less dense than water and slightly soluble in water. Vapors are heavier than air. (Source: CameoChemicals.NOAA.gov).

 



Review – CSB Publishes Dow EO Release Investigation Report

Yesterday the Chemical Safety Board (CSB) announced the publication of a report on the 2023 explosion and ethylene oxide release incident at the Dow plant in Plaquemine, Louisiana. The incident resulted in the release of 31,000-lbs of EO, but no one was reported injured and there were no deaths. The CSB reported three safety issues identified and published four safety recommendations. This leaves seven open investigations.

The incident involved the vapor relief system. Leaks in the system allowed air to enter the piping. When debris from equipment left in a large reflux drum punctured a rupture disk attached to the system, EO vapors entered the piping and created a flammable atmosphere in the piping. The resulting explosion propagated through the pressure relief system.

 

For more information on the report, including a description of the four recommendations – see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/csb-publishes-dow-eo-release-investigation - subscription required.

BIS Sends AI Action Plan Final Rule to OMB

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had received a final rule from the DOC’s Bureau of Industry and Security (BIS) on “AI Action Plan Implementation”. An interim final rule was published (under the earlier title of this rulemaking: Framework for Artificial Intelligence Diffusion) on January 15th, 2025.

According to the Spring 2025 Unified Agenda for this rulemaking:

“The Bureau of Industry and Security (BIS) intends to rescind portions of the revisions and additions implemented by the ‘Framework for Artificial Intelligence Diffusion,’ published January 15, 2025. BIS intends to issue a new rule which will provide a more streamlined framework for enabling the secure deployment of advanced U.S. AI technology abroad.”

This final rule would appear to be beyond the normal scope of coverage of this blog, so I do not plan on detailed coverage of its publication. I would expect to announce that, however, in the appropriate Short Takes post.

Thursday, February 26, 2026

10 Advisories and 3 Updates Published – 2-26-26

Today CISA’s NCCIC-ICS published 10 control system security advisories for products from Copeland, Yokogawa, Mobility46, EV Energy, SWITCH EV, Chargemap, EV2GO, CloudCharge, Pelco, and Johnson Controls. They also published updates for advisories from Honeywell, Schneider Electric, and Hitachi Energy.

Advisories

Copeland Advisory - This advisory describes 23 vulnerabilities in the Copeland XWEB and XWEP Pro plant management software.

Yokogawa Advisory - This advisory describes six vulnerabilities in the Yokogawa Vnet/IP Interface Package used in their CENTUM VP R6 and R7 products.

Mobility46 Advisory - This advisory describes four vulnerabilities in the Mobility46 mobility46.se digital parking management and EV charging solution.

EV Energy Advisory - This advisory describes four vulnerabilities in the EV Energy ev.energy EV charging management solution.

SWITCH EV Advisory - This advisory describes four vulnerabilities in the SWITCH EV SwitchEnergy.com multiple EV charging systems management.

Chargemap Advisory - This advisory describes four vulnerabilities in the Chargemap Chargemap.com EV fleet charging management.

EV2GO Advisory - This advisory describes four vulnerabilities in the EV2GO ev2go.io charging infrastructure management.

CloudCharge Advisory - This advisory describes four vulnerabilities in the CloudCharge cloudcharge.se charging facility management.

Pelco Advisory - This advisory describes an authentication bypass using an alternate path or channel vulnerability in the Pelco Sarix Pro 3 Series IP Cameras.

Johnson Controls Advisory - This advisory describes six vulnerabilities in the Johnson Controls Frick Controls Quantum HD compressor control panel.

Updates

Honeywell Update - This update provides additional information on the HIB2PI and HDZ Series CCTV Cameras advisory that was originally published on February 17th, 2026.

Schneider Update - This update provides additional information on the EcoStruxure Power Operation advisory that was originally published on July 22nd, 2025.

NOTE: I briefly discussed this new information on February 15th, 2026.

Hitachi Energy Update - This update provides additional information on the Relion 670/650/SAM600-IO Series advisory that was originally published on May 13th, 2025, and most recently updated on June 5th, 2025.

NOTE: I briefly mentioned the Hitachi Energy update on February 1st, 2026.

 

For more information on these advisories, including a DTRH look at EV charger cybersecurity research, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/10-advisories-and-3-updates-published-7f5 - subscription required.

Short Takes – 2-26-26 – Federal Register Edition

Notice and Request for Comment; Proposal for a New United Nations Global Technical Regulation on Automated Driving Systems (ADS). Federal Register NHTSA request for comments. Summary: “The United Nations Working Party on Automated/Autonomous and Connected Vehicles (GRVA), under the World Forum for the Harmonization of Vehicle Regulations (WP.29) at United Nations Economic Commission for Europe (UNECE), has proposed a draft Global Technical Regulation (GTR) for Automated Driving Systems (ADS). NHTSA is seeking public comment on the draft GTR to help inform the U.S. government's position, including how that position could relate to any future domestic actions regarding the safety and performance of Automated Driving Systems. With this notice, NHTSA is announcing a 15-day extension of the public comment period for this request for comment.” Comments due March 10th, 2026.

Proposed Renewal Collection and Request for Comment; Confidential Business Information Claims Under the Toxic Substances Control Act (TSCA). EPA 60-day ICR renewal notice. Summary: “In compliance with the Paperwork Reduction Act (PRA), this document announces the availability of and solicits public comment on the following Information Collection Request (ICR) that EPA is planning to submit to the Office of Management and Budget (OMB): Confidential Business Information Claims under the Toxic Substances Control Act (TSCA) (EPA ICR No. 2706.04 and OMB Control No. 2070-0223). This ICR represents a renewal of an existing ICR that is currently approved through August 31, 2026. Before submitting the ICR to OMB for review and approval under the PRA, EPA is soliciting comments on specific aspects of the information collection that is summarized in this document. The ICR and accompanying material are available in the docket for public review and comment.” Comments due April 27th, 2026.

Worker Safety and Health Requirements To Support Reform of Nuclear Reactor Testing; Reopening of Public Comment Period. DOE NPRM comment extension. Summary: “On January 21, 2026, the U.S. Department of Energy (“DOE”) published a notice of proposed rulemaking (“NOPR”) seeking to amend certain regulations for worker safety and health to expedite the review, approval, and deployment of advanced reactors under DOE's jurisdiction, including qualified test reactors in DOE's reactor pilot program consistent with a recent Executive order. The NOPR provided an opportunity for submitting written comments, data, and information by February 20, 2026. By letter dated February 4, 2026, the American Federation of Labor and Congress of Industrial Organizations (“AFL-CIO”) requested a 45-day extension to the comment period. DOE has reviewed this request and is re-opening the public comment period until March 23, 2026.”

EO 14388 - Continuing the Suspension of Duty-Free De Minimis Treatment for All Countries. Federal Register.

EO 14389 - Ending Certain Tariff Actions. Federal Register.
 