Review – Public ICS Disclosures – Week of 3-21-26 – Part 2

For Part 2 we have nine additional vendor disclosures from Siemens, Supermicro, TP-Link (4), WatchGuard (2), and Yokogawa. Finally, we have a vendor update from FortiGuard.

Advisories

Siemens Advisory - Siemens published an advisory that describes two vulnerabilities in their SICAM 8 products.

Supermicro Advisory - Supermicro published an advisory that discusses nine vulnerabilities in multiple Supermicro product lines.

TP-Link Advisory #1 - TP-Link published an advisory that describes a clear-text storage of sensitive information vulnerability in their TL-WR850N wireless router.

TP-Link Advisory #2 - TP-Link published an advisory that describes an out-of-bounds read vulnerability in their TL-WR841N wireless router.

TP-Link Advisory #3 - TP-Link published an advisory that describes an improper input validation vulnerability in their TD-W8961N wireless modem-router.

TP-Link Advisory #4 - TP-Link published an advisory that describes four vulnerabilities in their Archer NX series gigabit wireless routers.

WatchGuard Advisory #1 - WatchGuard published an advisory that describes a deserialization of untrusted data vulnerability in their Fireware OS products.

WatchGuard Advisory #2 - WatchGuard published an advisory that describes a cross-site request forgery vulnerability in their Fireware OS WebUI.

Yokogawa Advisory - Yokogawa published an advisory that describes a use of hard-coded password vulnerability in their CENTUM VP products.

Updates

FortiGuard Update - FortiGuard published an update for their vmimages update feature advisory that was originally published on March 10^th, 2026.

 

For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-a57 - subscription required.