Tuesday, June 30, 2026

Review – 8 Advisories Published – 6-30-26

Today CISA’s NCCIC-ICS published 7 control system security advisories for products from Delta Electronics, Stonefly, B&R Automation, Schneider (2) Frangoteam, and Mitsubishi. They also published a medical device security advisory for products from OFFIS. 

Advisories  

Delta Advisory - This advisory describes two vulnerabilities in the Delta Electronics DVP12SE PLC. 

StoneFly Advisory - This advisory This advisory describes five vulnerabilities in the StoneFly Storage Concentrator. 

B&R Advisory - This advisory discusses a race condition within a thread vulnerability in multiple B&R products.  

Schneider Advisory #1 - This advisory describes two vulnerabilities in the Schneider Electric EasyLogic T150 and Saitel DP RTU. 

Schneider Advisory #2 - This advisory describes an improper restriction of XML external entity reference vulnerability in the Schneider Electric EcoStruxure IT Data Center Expert. 

Frangoteam Advisory - This advisory describes an authentication bypass by spoofing vulnerability in the Frangoteam FUXA SCADA/HMI. 

Mitsubishi Advisory - This advisory discusses four vulnerabilities in the Mitsubishi MELSOFT Update Manager SW1DND-UDM-M.  

OFFIS Advisory - This advisory describes five vulnerabilities in the OFFIS DCMTK Toolkit. 


For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/8-advisories-published-6-30-26 - subscription required. 

HR 7257 Passed in House – State Energy Security

Yesterday, the House took up HR 7257, the Securing Community Upgrades for a Resilient (SECURE) Grid Act, under the suspension of the rules process. After nine minutes of debate, the bill passed by voice vote. The bill would amend 42 USC 6326 to require States to include local distribution systems in their State Energy Security Plans described in that section. No new funding is authorized by this legislation.

The legislation now moves to the Senate where it is unlikely to be considered under regular order. The voice vote in the House would seem to indicate that it would be a potential candidate for consideration under the Senate’s unanimous consent process. 

Review – Bills Introduced – 6-29-26

Yesterday, with the House in Washington and the Senate meeting in pro forma session, there were 44 bills introduced. None of those bills will receive additional coverage in this blog. 

Space Geek Legislation  

I would like to mention one bill under my limited Space Geek coverage in this blog: 

HR 9534 To direct the Secretary of the Air Force to procure space-based commercial data and end products to support the efforts of the Department of Defense and the wildfire mission of the United States Northern Command. Whitesides, George [Rep.-D-CA-27] 

Late Notice  

On Friday, June 26th, 2026, with neither the House nor Senate in session, there was one bill introduced that will be covered here: 

HR 9495 Making appropriations for the Department of Defense for the fiscal year ending September 30, 2027, and for other purposes. Rep. Calvert, Ken [R-CA-41]    


For more information on these bills, including legislative history for similar bills in the 118th Congress, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-6-29-26 - subscription required. 

Monday, June 29, 2026

HR 7128 Passed in House – TRIA Reauthorization

This afternoon, the House took up HR 7128, the TRIA Program Reauthorization Act of 2026, under the suspension of the rules process. After 18 minutes of debate, the bill was passed by a bipartisan vote of 373 to 15; all of the No votes came from Republicans. The bill would reauthorize the Terrorism Risk Insurance Act (TRIA) program through 2034 and make changes to program’s certification process. No new funding is authorized. 

The bill is unlikely to be considered by the Senate under regular order. I would expect limited Republican opposition to any move to consider the bill under the unanimous consent process, but a single voice rising in opposition kills that process. I would not be surprised to see similar language added to the financial services spending bill. 

HR 7266 Passed in House – Utility Cybersecurity Grants

This afternoon, the House took up HR 7266, the Rural and Municipal Utility Cybersecurity Act, under the suspension of the rules. After about 10 minutes of debate, the House passed the bill on a voice vote. The bill modifies and continues the authorization for the existing Rural And Municipal Utility Advances Cybersecurity Grant And Technical Assistance Program was authorized in 2021 by §40124 of the Infrastructure Investment and Jobs Act (PL 117-58, 135 STAT 953). No annual authorization amount was set by the bill. 

The bill now goes to the Senate where it will not be politically important enough to be considered under regular order. There is a chance that the bill could be approved under the unanimous consent process, particularly since no authorization amount has been established. Another route forward could be to include the bill’s language in the EWR spending bill. 

Friday, June 26, 2026

Review - HR 8560 Introduced – Advanced Automotive Tech

Back in April, Rep Stevens (D,MI) introduced HR 8560, the Shifting Forward Vehicle Technologies Research and Development Act. The bill would require DOE to conduct a research, development, and demonstration program of advanced vehicle technologies on more efficient, sustainable, and domestically available materials and manufacturing processes. It provides a five-year spending authorization for the program, starting at $530 million for FY 2027, increasing slightly in each of the following years. 

HR 8560 is similar to HR 5090, the Shifting Forward Vehicle Technologies Research and Development Act, that was introduced by Stevens in July 2023. No action was taken on that bill in the 118th Congress. That earlier bill did include one section dealing with cybersecurity assessments for on-road vehicles. This bill includes a virtually identical cybersecurity section. 

Moving Forward  

Stevens is a member of the House Science and Technology Committee to which this bill was assigned for consideration. This means that there may be sufficient influence to see the bill considered by the Committee. Unfortunately, there are two issues related to this bill that would make support from the Republican leadership problematic at best. First is the large amount of new spending that would be authorized, over ½ billion dollars annually; the second is the focus on electric vehicles and alternative fuel vehicles. Either issue would be likely to block consideration of the bill. 


For more information on the cybersecurity provisions of this legislation, including a brief commentary on the pace of change to be expected, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-8560-introduced-advanced-automotive - subscription required. 

 
/* Use this with templates/template-twocol.html */