Monday, June 1, 2026

Review - Public ICS Disclosures – Week of 5-23-26 – Part 3

For Part 3 we have nine additional vendor disclosures from Hitachi Energy, TP-Link (4), Westermo (3), and Zyxel. We have bulk vendor updates from Palo Alto Networks (9). There are three additional vendor updates from D-Link, HPE, and Siemens. There is a researcher report for vulnerabilities in products from Fimer. Finally, we have an exploit for products from D-Link.

Advisories  

Hitachi Energy Advisory - Hitachi Energy published an advisory that discusses seven vulnerabilities (one with a publicly available exploit) in their RTU500 product.

TP-Link Advisory #1 - TP-Link published an advisory that describes a cross-site scripting vulnerability in their TL-SG108PE v5.6 switch. 

TP-Link Advisory #2 - TP-Link published an advisory that describes a cleartext transmission of sensitive information vulnerability in their Tapo L535E, P300 and D100C products. 

TP-Link Advisory #3 - TP-Link published an advisory that describes an authentication bypass using an alternate path or channel vulnerability in their Archer C64 product. 

TP-Link Advisory #4 - TP-Link published an advisory that describes an improper input validation vulnerability in their Archer BE450 and BE7200 products.

Westermo Advisory #1 - Westermo published an advisory that discusses an integer overflow vulnerability in their WeOS 5 devices. 

Westermo Advisory #2 - Westermo published an advisory that discusses an improper preservation of permissions vulnerability in their WeOS 5 devices. 

Westermo Advisory #3 - Westermo published an advisory that describes an insufficient session expiration vulnerability in their WeOS 5 devices.

Zyxel Advisory - Zyxel published an advisory that describes a missing authorization vulnerability in their GS1200v3 series switches. 

Updates  

Bulk Vendor Updates – Palo Alto Networks (9). 

D-Link Update - D-Link published an update for their DIR-X3260 advisory that was originally published on June 27th, 2023. 

HPE Update - HPE published an update for their ProLiant DL/ML/XD Alletra and Synergy Servers advisory that was originally published on December 12th, 2025, and most recently updated on February 10th, 2026.

Siemens Update - Siemens published an update for their KACO blueplanet Inverters advisory that was originally published on May 12th, 2026.

Researcher Reports  

Fimer Report - Saiflow published a report that describes an authentication bypass using an alternate path or channel vulnerability in the Fimer VSN700 Data Logger.

Exploit  

D-Link Exploit - Amir Hossein Jamshidi published an exploit for an administrative password vulnerability in the D-Link DSL2600U high-speed wireless router.


For more information on these disclosures, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-5-afa - subscription required. 
