Thursday, March 26, 2026

Review – 3 Advisories and 1 Update Published – 3-26-26

Today CISA’s NCCIC-ICS published three control system security advisories for products from PTC, OpenCode Systems, and WAGO. They also updated an advisory for products from Honeywell.

Advisories

PTC Advisory - This advisory describes a code injection vulnerability (with available indicators of compromise) in the PTC Windchill and FlexPLM product lifecycle management products.

OpenCode Advisory - This advisory describes an improper access control vulnerability in the OpenCode Systems OC Messaging and USSD Gateway.

WAGO Advisory - This advisory describes the a hidden functionality vulnerability in the WAGO Industrial Managed Switches.

Updates

Honeywell Update - This update provides additional information on the IQ4x BMS Controller advisory that was originally published on March 10th, 2026.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-1-update-published-4be - subscription required.
Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */