Review – 8 Advisories and 2 Updates Published – 1-22-26

Today CISA’s NCCIC-ICS published eight control system security advisories for products from EVMAPA, Delta Electronics, Hubitat, Weintek, Johnson Controls, Rockwell Automation, and Schneider Electric. They also updated two advisories for products from Hitachi Energy, and Axis Communications.

Advisories

EVMAPA Advisory - This advisory describes three vulnerabilities in the EVMAPA vehicle charging software.

Delta Advisory - This advisory describes a command injection vulnerability in the Delta DIAView product.

NOTE: I briefly discussed this vulnerability on January 17^th, 2026.

Hubitat Advisory - This advisory describes an authorization bypass through user controlled key vulnerability Hubitat Elevation Hubs (home automation hubs).

Weintek Advisory - This advisory describes two vulnerabilities in the Weintek cMT X Series HMI EasyWeb Service.

Johnson Controls Advisory - This advisory describes a stack-based buffer overflow vulnerability in the Johnson Control iSTAR Configuration Utility (ICU) tool.

Rockwell Advisory - This advisory describes an improper validation of specified quantity in input vulnerability in the Rockwell CompactLogix 5370 PLCs.

AutomationDirect Advisory - This advisory describes two vulnerabilities in the AutomationDirect CLICK Programmable Logic Controller.

Schneider Advisory - This advisory that describes an incorrect default permissions vulnerability in their EcoStruxure Process Expert products

NOTE: I briefly discussed this vulnerability on January 17^th, 2026.

Updates

Hitachi Energy Update - This update provides additional information on the Relion 670/650 advisory that was originally published on July 3^rd, 2025, and most recently updated on August 28^th, 2025.

NOTE: I briefly discussed this updated information on December 14^th, 2025.

Axis Update - This update provides additional information on the Camera Station Pro advisory that was originally published on December 18^th, 2025, and most recently updated on January 15^th, 2026.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/8-advisories-and-2-updates-published-68c - subscription required.

Review – 12 Advisories and 3 Updates Published – 1-15-26

Today CISA’s NCCIC-ICS published 15 control system security advisories for products from Siemens (9), Schneider Electric, Festo, and AVEVA. They also updated advisories for products from Mitsubishi Electric (2) and Axis Communications.

Advisories

SIMATIC Advisory #1 - This advisory describes five vulnerabilities in the Siemens SIMATIC CN 4100 communications node.

NOTE: I briefly mentioned these vulnerabilities on December 14^th, 2026.

SIMATIC Advisory #2 - This advisory describes an uncontrolled resource consumption vulnerability in the Siemens SIMATIC and SIPLUS product lines.

RUGGEDCOM Advisory #1 - This advisory describes six vulnerabilities in the Siemens RUGGEDCOM ROX II family.

NOTE: I briefly mentioned these vulnerabilities on December 14^th, 2026.

RUGGEDCOM Advisory #2 - This advisory discusses four vulnerabilities in the Siemens RUGGEDCOM APE1808 Devices.

RUGGEDCOM Advisory #3 - This advisory describes an improper input validation vulnerability in the Siemens RUGGEDCOM ROS products.

NOTE: I briefly mentioned these vulnerabilities on December 14^th, 2026.

Industrial Edge Advisory #1 - This advisory describes an authorization bypass through user controlled key vulnerability in the Siemens Industrial Edge Device Kit.

Industrial Edge Advisory #2 - This advisory describes an authorization bypass through user controlled key vulnerability in the Siemens Industrial Edge Devices.

SINEC Advisory - This advisory describes two vulnerabilities in the Siemens SINEC Security Monitor.

NOTE: I briefly mentioned these vulnerabilities on December 14^th, 2026.

TeleControl Advisory - This advisory describes execution with unnecessary privileges vulnerability in the Siemens TeleControl Server Basic.

Schneider Advisory - This advisory describes two vulnerabilities in the Schneider EcoStruxure Power Build Rapsody.

Festo Advisory - This advisory describes an insufficient technical documentation vulnerability in multiple Festo products.

I briefly discussed this vulnerability on December 3^rd, 2022.

AVEVA Advisory - This advisory describes seven vulnerabilities in the AVEVA Process Optimization product.

Updates

Mitsubishi Update #1 - This update provides additional information on the MC Works64 Products advisory that was originally published on July 26^th, 2022, and most recently updated on July 24^th, 2025.

NOTE: I briefly discussed this updated information on January 10^th, 2026.

Mitsubishi Update #2 - This update provides additional information on the FA Engineering Software Products advisory that as originally published on May 14^th, 2024, and most recently updated on August 28^th, 2025.

Axis Update - This update provides additional information on the Camera Station Pro advisory that was originally published on December 18^th, 2025.

 

For more information on these advisories, as well as an ongoing discussion about CISA format changes, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/12-advisories-and-3-updates-published - subscription required.

Review – 8 Advisories and 1 Update Published – 12-18-25

Today CISA’s NCCIC-ICS published eight control system security advisories for products from Axis Communications, Rockwell Automation, Advantech, Siemens, Mitsubishi Electric, National Instruments, Schneider Electric, and Inductive Automation. They also updated an advisory for products from Mitsubishi.

Advisories

Axis Advisory - This advisory describes four vulnerabilities in multiple Axis surveillance products.

Rockwell Advisory - This advisory describes two vulnerabilities in the Rockwell Micro8xx PLCs.

Advantech Advisory - This advisory describes five vulnerabilities in the Advantech WebAccess/SCADA product.

Siemens Advisory - This advisory describes an improper verification of source of a communications channel vulnerability in the Siemens Interniche IP-Stack used in a wide range of Siemens products.

NOTE: I briefly mentioned this vulnerability on December 14^th, 2025.

Mitsubishi Advisory - This advisory describes an OS command injection vulnerability in multiple Mitsubishi Electric Iconics Digital Solutions products.

NI Advisory - This advisory describes nine vulnerabilities in the NI LabView product.

Schneider Advisory - This advisory discusses a deserialization of untrusted data vulnerability in the Schneider EcoStruxure Foxboro DCS Advisor.

NOTE: I briefly discussed this vulnerability on December 14^th, 2025.

Inductive Advisory - This advisory describes an execution with unnecessary privileges vulnerability in the Inductive Ignition product.

Updates

Mitsubishi Update - This update provides additional information on the CNC Series advisory that was originally published on October 17^th, 2024, and most recently updated on March 18^th, 2025

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/8-advisories-and-1-update-published-f72 - subscription required.

Review – Public ICS Disclosures – Week of 11-23-24

This week we have 41 vendor disclosures from Axis (5), B&R, Dell, Dassault Systems, ELECOM, Fuji Electric, GE Vernova (19), Hitachi Energy, HPE, Mitsubishi, Palo Alto Networks, PEPPERL+FUCHS, Splunk (2), SMA Solar Technology, VMware, and Zyxel. There are also five vendor updates from ELECOM (4) and FortiGuard. We also have 21 researcher reports of vulnerabilities in products from ABB (4) and Fuji (17).

Advisories

Axis Advisory #1 - Axis published an advisory that describes an improper validation of syntactic correctness of input vulnerability in their AxisOS product.

Axis Advisory #2 - Axis published an advisory that describes an improper validation of syntactic correctness of input vulnerability in their AxisOS product.

Axis Advisory #3 - Axis published an advisory that describes an incorrect default permissions vulnerability in their Camera Station products.

Axis Advisory #4 - Axis published an advisory that describes an insufficiently protected credentials vulnerability in the Camera Station products.

Axis Advisory #5 - Axis published an advisory that describes a client-side enforcement of server-side security vulnerability in their Camera Station products.

B&R Advisory - B&R published an advisory that describes an authentication bypass using an alternate path or channel vulnerability in multiple mapp products.

Dell Advisory - Dell published an advisory that describes four vulnerabilities in their Wyse Management Suite. The first vulnerability is a third-party (MongoDB) issue.

Dassault Systems Advisory - Dassault Systems published an advisory that discusses a deserialization of untrusted data vulnerability (with publicly available exploit) in their Iterop product.

ELECOM Advisory - JP-CERT published an advisory that describes four vulnerabilities in multiple ELECOM wireless LANs.

Fuji Advisory - JP-CERT published an advisory that describes three vulnerabilities in the Fuji V-SFT, TELLUS, and V-Server products.

GE Vernova Advisories - GE Vernova (formerly Grid Solutions) published 19 advisories.

Hitachi Energy Advisory - Hitachi Energy published an advisory that discusses four vulnerabilities in their NSD570 Teleprotection Equipment.

HPE Advisory - HPE published an advisory that describes an unauthorized data modification vulnerability in their IceWall Products.

Mitsubishi Advisory - Mitsubishi published an advisory that describes three vulnerabilities in their GENESIS64TM and MC Works64 products.

Palo Alto Networks Advisory - Palo Alto Networks published an advisory that describes an improper certificate validation vulnerability (with publicly available exploit) in their GlobalProtect App.

PEPPERL+FUCHS Advisory - CERT-VDE published an advisory that discusses the PKFAIL vulnerability in multiple products from PEPPERL+FUCHS.

Splunk Advisory #1 - Splunk published an advisory that discusses three vulnerabilities (one with publicly available exploit) in their Splunk Machine Learning Toolkit.

Splunk Advisory #2 - Splunk published an advisory that discusses an exposure of sensitive information to an unauthorized actor vulnerability in their Python for Scientific Computing product.

SMA Solar Advisory - CERT-VDE published an advisory that describes an SQL injection vulnerability in SMA Sunny Central products.

VMware Advisory - Broadcom published an advisory that describes five vulnerabilities in the VMware Aria Operations product.

Zyxel Advisory - Zyxel published an advisory that discusses recent attempts to exploit a previously fixed directory traversal vulnerability in their ZLD firewall.

Updates

ELECOM Update #1 - JP-CERT published an update for the ELECOM wireless LAN router advisory that was originally published on May 28^th, 2024, and most recently updated on August 27^th, 2024.

ELECOM Update #2 - JP-CERT published an update for the ELECOM wireless LAN router advisory that was originally published on March 26^th, 2024, and most recently updated on August 27^th, 2024.

ELECOM Update #3 - JP-CERT published an update for the ELECOM wireless LAN router advisory that was originally published on August, 27^th, 2024, and most recently updated on September 9^th, 2024.

ELECOM Update #4 - JP-CERT published an update for the ELECOM wireless LAN router advisory that was originally published on March 26^th, 2024, and most recently updated on August 27^th, 2024.

FortiGuard Update - FortiGuard published an update for their missing authentication in fgfmsd advisory that was originally published on October 23^rd, 2024, and most recently updated on November 15^th, 2024.

Researcher Reports

ABB Reports - Zero Science published four reports of vulnerabilities in the ABB Cylon Aspect building energy management product.

Fuji Reports - The Zero Day Initiative published 17 reports of vulnerabilities in the Fuji Monitouch V-SFT.

 

For more information on these disclosures, including links to 3rd party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-11-95e - subscription required. 

Review – 4 Advisories Published – 7-25-23

Today, CISA’s NCCIC-ICS published four control system security advisories for products from Johnson Controls, Emerson, Rockwell Automation, and AXIS.

Advisories

Johnson Controls Advisory - The advisory describes an improper restrictions of excessive authentication attempts vulnerability in the Johnson Controls IQ Wifi 6 mesh router.

Emerson Advisory - The advisory describes an authentication bypass by primary weakness vulnerability in the Emerson ROC800-Series RTU and DL8000 Preset Controllers.

Rockwell Advisory - The advisory that describes a relative path traversal vulnerability in the Rockwell ThinManager ThinServer.

AXIS Advisory - The advisory describes a heap-based buffer overflow vulnerability in the AXIS A1001 network door controller.

 

For more details about these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-7-25-23 - subscription required.

Review – Public ICS Disclosures – Week of 4-30-22 – Part 1

Another busy week requiring a two part post. In Part 1 this week we have 19 vendor disclosures from Aruba Networks (3), Aveva, Axis, Belden (3), Bosch, Broadcom (8), Emerson, and TRUMPF.

Aruba Advisory #1 - Aruba published an advisory discussing an infinite loop vulnerability in multiple products. This is a third-party (OpenSSL) vulnerability.

Aruba Advisory #2 - Aruba published an advisory describing 21 vulnerabilities in their ClearPass Policy Manager.

Aruba Advisory #3 - Aruba published an advisory discussing the TLStorm 2.0 vulnerabilities.

Aveva Advisory - Aveva published an advisory describing an exposure of resource to wrong sphere vulnerability in their  InTouch Access Anywhere and Plant SCADA Access Anywhere products.

Axis Advisory - Axis published an advisory discussing two vulnerabilities (with one known exploit available) in their AXIS P7701 Video Decoder.

Belden Advisory #1 - Belden published an advisory discussing eight vulnerabilities (two with known exploits) in their Provize Basic Frontend.

Belden Advisory #2 - Belden published an advisory discussing two vulnerabilities (one with known exploit) in their Provize Basic Backend.

Belden Advisory #3 - Belden published an advisory discussing an uncontrolled resource consumption vulnerability (with a known exploit) in their Provize Basic product.

Bosch Advisory - Bosch published an advisory discussing five vulnerabilities in their PLC applications of the control systems ctrlX CORE, IndraLogic, IndraMotion MTX, IndraMotion MLC and IndraMotion MLD systems.

Broadcom Advisory #1 - Broadcom published an advisory discussing a link following vulnerability in their Brocade SANnav product.

Broadcom Advisory #2 - Broadcom published an advisory discussing an improper input validation vulnerability (with a known exploit) in their Brocade SANnav product.

Broadcom Advisory #3 - Broadcom published an advisory discussing a deserialization of untrusted data vulnerability in their Brocade SANnav product.

Broadcom Advisory #4 - Broadcom published an advisory describing an information exposure vulnerability in their Brocade SANnav product.

Broadcom Advisory #5 - Broadcom published an advisory describing a plain-text storage of sensitive information vulnerability in their Brocade SANnav product.

Broadcom Advisory #6 - Broadcom published an advisory describing a SQL injection vulnerability in their Brocade SANnav product.

Broadcom Advisory #7 - Broadcom published an advisory describing an inadequate password encryption vulnerability in their Brocade SANnav product.

Broadcom Advisory #8 - Broadcom published an advisory describing a role-based access control vulnerability in their Brocade SANnav product.

Emerson Advisory - Emerson published an advisory discussing two vulnerabilities in their AVENTICS AF2 Series flow sensors.

TRUMPH Advisory - CERT-VDE published an advisory describing a missing authentication for critical function vulnerability in the TRUMPF TruTops products.

 

For more details on these advisories, including links to third-party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-4-c2b - subscription required.

 

Review – Public ICS Disclosures – Week of 3-5-22 – Part 2

For Part 2 we have fourteen more vendor disclosures from HP (2), HPE (4), Medtronic, Palo Alto Networks (2), Philips (2), Softing (2), and Yokogawa. We also have updates from Axis and HPE. There is also an end-of-life notice from Honeywell. Finally, there are also two exploits for products from Siemens and the DirtyPipe vulnerability. Part 3 will be the Siemens and Schneider 2^nd Tuesday advisories and updates not covered by NCCIC-ICS.

HP Advisory #1 - HP published an advisory describing eleven vulnerabilities in the system BIOS of certain HP PC products.

HP Advisory #2 - HP published an advisory describing an out-of-bounds write vulnerability in various HP PC products.

HPE Advisory #1 - HPE published an advisory discussing seven vulnerabilities with multiple public exploits in their HPE Cray System Software.

HPE Advisory #2 - HPE published an advisory discussing two vulnerabilities with multiple publicly available exploits in their HPE B-Series SANnav Management Software.

HPE Advisory #3 - HPE published an advisory discussing the PwnKit vulnerability in their PE Nimble Storage and HPE Alletra 6000 Peer Persistence Witness OVA products.

HPE Advisory #4 - HPE published an advisory discussing the PwnKit vulnerability in their Virtualized Converged NonStop X NS2 VHOST CLIMs.

Medtronic Advisory - Medtronic published an advisory discussing the Access:7 vulnerabilities.

Moxa Advisory - Moxa published an advisory discussing the PwnKit vulnerability.

Palo Alto Advisory #1 - Palo Alto published an advisory describing a use of password has with insufficient computational effort vulnerability in their PAN-OS.

Palo Alto Advisory #2 - Palo Alto published an advisory discussing an out-of-bounds read vulnerability (with a known exploit) in their PAN-OS.

Philips Advisory #1 - Philips published an advisory discussing the Access:7 vulnerabilities.

Philips Advisory #2 - Philips published an advisory discussing the TLStorm vulnerabilities.

Softing Advisory #1 - Softing published an advisory describing an improper input validation vulnerability in their OPC UA C++ SDK products.

Softing Advisory #2 - Softing published an advisory describing an improper input validation vulnerability in their OPC UA C++ SDK products.

Yokogawa Advisory - Yokogawa published an advisory describing three vulnerabilities in their CENTUM VP product. The vulnerabilities were reported by FSTEC of Russia.

Axis Update - Axis published an update for their AXIS IP Utility advisory that was originally published on February 14^th, 2022.

HPE Update - HPE published an update for their HPE SAN Switches advisory that was originally published on July 22^nd, 2021.

Honeywell EOL Notice - Honeywell published an EOL notice for their OmniAssure Touch Readers.

Siemens Exploit - RoseSecurity published an exploit for an unauthenticated Siemens S7-1200 CPU Start/Stop Command.

DirtyPipe Exploit - Max Kellermann  published a Metasploit module for the DirtyPipe vulnerability.

 

For more details about these disclosures, including links to third-party advisories, researcher reports, and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-3-873 - subscription required.

Review - Public ICS Disclosures – Week of 2-26-22

This week we have twelve vendor disclosures from ABB, Beckhoff, Broadcom (2), B&R Automation, Delta Industrial Automation, Gerbv, OMRON, PcVue Solutions, Tanzu (2), and VMware. We also have two end-of-life notices from We have one researcher report for products from Swift Sensors. Finally, we have four exploits reported for products from WAGO, Hikvision, Axis, and the PwnKit vulnerability.

ABB Advisory - ABB published an advisory describing a denial of service vulnerability in their AC 800M MMS.

Beckhoff Advisory - Beckhoff published an advisory discussing a NULL pointer dereference vulnerability in their products with OPC UA technology.

NOTE: This vulnerability may be found in other vendor products utilizing OPC UA technology.

Broadcom Advisory #1 - Broadcom published an advisory discussing the LOGBACK-1591 vulnerability in their Brocade Fibre Channel Products.

Broadcom Advisory #2 - Broadcom published an advisory discussing the Log4Shell vulnerabilities.

B&R Advisory - B&R published an advisory discussing a deserialization of untrusted data vulnerability in their B&R APROL product line.

NOTE: This vulnerability may affect other vendor products that use Apache Chainsaw.

Delta Advisory - Incibe CERT published an advisory describing four vulnerabilities in the Delta CNCSoft ScreenEditor, and DIAEnergie products.

Gerbv Advisory - Incibe CERT published an advisory discussing seven vulnerabilities in the Gerbv file view.

Omron Advisory - JP CERT published an advisory describing five vulnerabilities in the OMRON CX-Programmer.

PcVue Advisory - PcVue published a notice discussing four vulnerabilities in their Dream Report products.

Tanzu Advisory #1 - Tanzu published an advisory describing an improper privilege management vulnerability in their Spring Cloud Gateway.

Tanzu Advisory #2 - Tanzu published an advisory describing a code injection vulnerability in their Spring Cloud Gateway.

VMware Advisory - VMware published an advisory describing an uncontrolled search path vulnerability in their VMware Tools for Windows.

Swift Sensor Report - Cisco Talos published a report describing an authentication bypass vulnerability in the Swift Sensor Gateway.

Braun End-of-Life Notices - Braun USA published end-of-life notices for their Dialog+ Version 8 and Dia70 Portable RO products.

WAGO Exploit - Momen Eldawakhly published an exploit for a privilege escalation vulnerability in the WAGO 750-8212 PFC200 G2 2ETH RS.

Hikvision Exploit - Bashis published a Metasploit module for a command injection vulnerability in unspecified Hikvision IP Camera.

Axis Exploit - Jbaines-r7 published a Metasploit module for an unrestricted upload of applications ‘feature’ in unspecified Axis IP cameras.

PwnKit Exploit - Qualys Security published a Metasploit module for the PwnKit vulnerability.

 

For more details about these disclosures, including links to third-party reports, researcher reports and exploits, see my article at CFSN Detailed Analysis - - subscription required.

Review - Public ICS Disclosures – Week of 2-12-22 – Part 1

It is beginning to look like multipart reports are going to be the standard for this weekly update. This week in Part 1 we have 14 vendor disclosures from Aveva, Axis, Broadcom (2), WECON, HPE (6), Kunbus, Mitsubishi, and Moxa.

Aveva Advisory - Aveva published an advisory describing a use of clear text credential storage in their System Platform 2020.

Axis Advisory - Axis published an advisory describing a DLL hijacking vulnerability in their IP Utility.

Broadcom Advisory #1 - Broadcom published an advisory describing a use of hard-coded credentials vulnerability.

Broadcom Advisory #2 - Broadcom published an advisory describing an authenticated privilege file read vulnerability in their Fabric OS.

WECON Advisory - INCIBE-CERT published an advisory two vulnerabilities in the WECON LeviStudioU.

HPE Advisory #1 - HPE published an advisory describing a host header injection vulnerability in their Integrated Lights-Out 4.

HPE Advisory #2 - HPE published an advisory describing a buffer overflow vulnerability in their iLO Amplifier Pack.

HPE Advisory #3 - HPE published an advisory describing an information disclosure vulnerability in their Fibre Channel and SAN Switches.

HPE Advisory #4 - HPE published an advisory describing an authentication bypass vulnerability in their Fibre Channel and SAN Switches.

HPE Advisory #5 - HPE published an advisory discussing the Log4Shell vulnerabilities in their Universal IoT.

HPE Advisory #6 - HPE published an advisory describing a buffer overflow vulnerability in their Gen10 and Gen10 Plus Synergy Servers.

Kunbus Advisory - Kunbus published an advisory describing two vulnerabilities in their Revolution PI base modules.

Mitsubishi Advisory - Mitsubishi published an advisory describing nine vulnerabilities in their  Energy Saving Data Collecting Server (EcoWebServerIII).

Moxa Advisory - Moxa published an advisory describing a channel accessible by non-endpoint vulnerability in their MGate MB3170/MB3270/MB3280/MB3480 Series Protocol Gateways.

 

For more details on these disclosures, including links to third-party advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-2-346 - subscription required.