Review – 9 Advisories and 1 Update Published – 6-25-26

Today CISA’s NCCIC-ICS published 7 control system security advisories for products from Schneider Electric, Delta Electronics, H.View, Daktronics, Horner Automation, EVoke Systems, and Yokogawa. They also published two medical device security advisories for products from OHIF and pydicom. They also updated an advisory for AzeoTech. 

Advisories  

Schneider Advisory - This advisory describes three vulnerabilities in the Schneider PowerLogic P7. 

Delta Advisory - This advisory describes a deserialization of untrusted data vulnerability in the Delta DTM Soft product. 

H.VIEW Advisory - This advisory describes two vulnerabilities in the H. VIEW HV-500S6 IP Camera. 

Daktronics Advisory - This advisory describes three vulnerabilities in the Daktronics Controller firmware. 

Horner Advisory - This advisory describes an out-of-bounds read vulnerability in the Horner Cscape product. 

EVoke Advisory - This advisory describes four vulnerabilities in the EVoke Charging Station Management System. 

Yokogawa Advisory - This advisory describes a cleartext transmission of sensitive information vulnerability in the Yokogawa FAST/TOOLS and CI Server. 

OHIF Advisory - This advisory describes a server-side request forgery vulnerability in the Open Health Imaging Foundation (OHIF) Viewers DICOM. 

Pydicom Advisory - This advisory describes a path traversal vulnerability in the pydicom pynetdicom Library. 

Updates  

AzeoTech Advisory - This update provides additional information on the DAQFactory advisory that was originally published on June 18th, 2026. 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/9-advisories-and-1-update-published - subscription required.