Review – 12 Advisories Published – 4-21-26

Today CISA’s NCCIC-ICS published 12 control system security advisories for products from SenseLive, Silex Technology, Zero Motorcycle, Hardy Barth, Siemens (8). I briefly mentioned the eight Siemens advisories on Saturday. 

Advisories  SenseLive Advisory - This advisory describes 11 vulnerabilities in the SenseLive X3050 industrial serial device server. 

Silex Advisory - This advisory describes 13 vulnerabilities in the SD-330AC and AMC Manager. 

Zero Motorcycles Advisory - This advisory describes a key exchange without entity authentication vulnerability in Zero Motorcycles. 

Hardy Barth Advisory - This advisory describes two vulnerabilities (both with publicly available exploits) in the Hardy Barth Salia EV Charge Controller.  

Siemens Advisory #1 - This advisory describes an authentication bypass by primary weakness vulnerability in the Siemens Industrial Edge Management products. 

Siemens Advisory #2 - This advisory describes an authorization bypass through user-controlled key vulnerability in the Siemens SINEC NMS network traffic monitoring software. 

Siemens Advisory #3 - This advisory discusses a numeric truncation error vulnerability in the Siemens RUGGEDCOM CROSSBOW Station Access Controller. 

Siemens Advisory #4 - This advisory discusses 15 vulnerabilities in the Siemens SCALANCE W-700 IEEE 802.11n family. 

Siemens Advisory #5 - This advisory describes an improper certificate validation vulnerability in the Siemens Analytics Toolkit. 

Siemens Advisory #6 - This advisory describes an improper verification of cryptographic signature vulnerability in the Siemens SINEC NMS network traffic monitoring software. 

Siemens Advisory #7 - This advisory describes an incorrect privilege management vulnerability in the Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary. 

Siemens Advisory #8 - This advisory discusses an out-of-bounds read vulnerability in the Siemens TPM 2.0 implementation in multiple Siemens products. 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/12-advisories-published-4-21-26 - subscription required. 

Looking Back – 3-8-11

 Nearly every morning I start my computer time by looking at information from Google about what happened in my blog in the previous 24 hours. Google, and blogspot.com is a Google service, provides interesting pieces of analytical data about my blog readership. One item of particular interest is the top ten blog posts each day. As you would expect, most of those posts were from the last couple of days, but with 16 years of publishing this blog, every once-in-a-while, a blog post from ancient history rises into that list. 

Today, a blog post from March 8th, 2011, made the list. It was a short piece (1 paragraph) about an ICS-CERT Alert for an Active X vulnerability in the WellinTech’s KingView 6.53. The link to the alert that was in the article was dead but has since been updated. Unfortunately, neither that updated Alert, nor it’s followup advisory provided a CVE number for the vulnerability. The advisory noted that an updated DLL file was available to mitigate the vulnerability. 

A little more digging this morning showed a vulnerability (CVE-2011-0406) reported by Dillon Beresford (with a Metasploit module published in September of 2010) that may be reported vulnerability. There is an interesting blog post by Dillon about the history of that vulnerability, with a follow-up post here. It is an old story, but one that unfortunately still resonates today. 

Review – Committee Hearings – Week of 4-19-26

 This week, with both the House and the Senate in Washington, there is a moderately busy hearing schedule. Budget hearings (both House and Senate) and spending bill markups (in the House) continue. There are also two Space Geek related hearings in the House. 

Spending Bill Hearings  

House  

Tuesday - Fiscal Year 2027 Military Construction, Veterans Affairs, and Related Agencies Bill, Fiscal Year 2027 Financial Services and General Government Bill, and Interim Subcommittee Allocations, 

Wednesday - Continuation Of Full Committee Markup Of Fiscal Year 2027 Financial Services And General Government Bill,  

Thursday - Subcommittee Markup Of Fiscal Year 2027 National Security, Department Of State, And Related Programs Bill And Fiscal Year 2027 Agriculture, Rural Development, Food And Drug Administration, And Related Agencies Bill. 

Space Geek Hearings 

On Tuesday, the Subcommittee on Communications and Technology of the House Energy and Commerce Committee will hold a hearing on “SAT Streamlining Act: Modernizing Satellite Licensing for the Final Frontier”.  

On Wednesday, the House Foreign Affairs Committee will hold a business meeting to consider 22 bills, including HR 8321, the Artemis Accords Authorization Act. 

For more information on these hearings, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/committee-hearings-week-of-4-19-26 - subscription required.

Review - Public ICS Disclosures – Week of 4-11-26 – Part 2

 For Part 2 we have four additional vendor disclosures from ABB, Supermicro (3). We also have 20 bulk vendor updates from Schneider (7) and Siemens (13). There are two additional vendor updates from Moxa (2). We also have four researcher reports of vulnerabilities in products from Lab Center (4). Finally, we have three exploits published for vulnerabilities for products from FortiGuard and Siemens (2). 

Advisories  

ABB Advisory - ABB published an advisory that describes an improper validationo f specified quantity in input vulnerability in their AC800M and Symphony Plus product lines. 

Supermicro Advisory #1 - Supermicro published an advisory that discusses a missing lock check vulnerability in multiple Supermicro products. 

Supermicro Advisory #2 - Supermicro published an advisory that discusses a missing lock check vulnerability in multiple Supermicro products. 

Supermicro Advisory #3 - Supermicro published an advisory that discusses an access of memory location after end of buffer vulnerability in multiple Supermicro products. 

Bulk Vendor Updates – Schneider 

• Modicon M340 Controller and Communication Modules,  

• Modicon M340 and BMXNOE0100/0110, BMXNOR0200 Communication Modules,   

• Modicon Controllers M340 / Momentum / MC80, 

• Modbus/TCP Ethernet Modicon M340 module, and Modbus/ TCP Ethernet Modicon M340 FactoryCast module,  

• EcoStruxure™ Control Expert, EcoStruxure™ Process Expert and Modicon M340, M580 and M580 Safety PLCs,  

• EcoStruxure™ Control Expert, EcoStruxure™ Process Expert and Modicon M340, M580 and M580 CPU Safety, and 

• Modicon Controllers. 

Bulk Vendor Updates – Siemens  

• Frame Aggregation and Fragmentation Vulnerabilities in 802.11, 

• Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices, 

• Denial of Service Vulnerability in the RADIUS Client of SIPROTEC 5 Devices, 

• Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module, 

• Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products, 

• Multiple Web Vulnerabilities in SCALANCE Products,  

• Denial of Service Vulnerability in Profinet Devices,  

• Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products,  

• Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products,  

• Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC),  

• OpenSSL Vulnerability in Industrial Products,  

• Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs,  

• XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER, 

Updates  

Moxa Update #1 - Moxa published an update for their Ethernet Switches advisory that was originally published on February 4th, 2026. 

Moxa Update #2 - Moxa published an update for their Diffie-Hellman Key Exchange Protocol advisory that was originally published on June 2nd, 2025, and most recently updated on February 4th, 2026. 

Researcher Reports  

Lab Center Reports - ZDI published four reports describing vulnerabilities in the Lab Center Proteus printed circuit board design suite. 

Exploits  

FortiGuard Exploit - Samuel de Lucas published an exploit for an OS command injection vulnerability in the FortiGuard FortiSandbox product. 

Siemens Exploit #1 - S. Dietz published an exploit for a an out-of-bounds write vulnerability in the Siemens SICAM 8 products. 

Siemens Exploit #2 - S. Dietz, et al, published an exploit for an allocation of resources without limit or throttling vulnerability in the Siemens SICAM 8 products. 

For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-9f5 - subscription required.