Today, CISA’s NCCIC-ICS published three control system security advisories for products from Schneider and Siemens.
NOTE: CISA has not yet sent out their normal email listing the advisories and updates, so I have to rely on the CISA ICS Advisories page, but that page has not listed any updates for a while now, even when they are published.
Advisories
Schneider Advisory #1 - This advisory discusses the BlastRadius.Fail vulnerability.
Schneider Advisory #2 - This advisory describes an insecure default initialization of resource vulnerability in the Schneider Electric EcoStruxure Panel Server.
NOTE: I briefly discussed the vulnerability on May 16th, 2026.
Siemens Advisory - This advisory describes two vulnerabilities in KACO Blueplanet Inverters.
NOTE: I briefly discussed these vulnerabilities on May 16th, 2026.
For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-6-9-26 - subscription required.
Posts
No comments:
Post a Comment