Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...

CVE-2023-40151

creationtimestamp| type| source ---|---|--- 2025-10-15 04:50:00+00:00| seen| https://thehackernews.com/2025/10/two-cvss-100-bugs-in-red-lion-rtus.html 2025-10-16 04:34:03+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m3bwka3urn26...

CISA: Key Secure by Demand Elements for Operational Technology Fact Sheet

This fact sheet addresses key elements for operational technology OT owners and operators to consider when purchasing digital products that automate physical processes, e.g. programmable logic controllers PLCs, human-machine interfaces HMIs, and remote terminal units RTUs. CISA strongly advises...

Schneider Electric SAGE RTUs 缓冲区错误漏洞

Schneider Electric SAGE RTUs are a high-performance device for industrial automation and remote monitoring from Schneider Electric, France. An out-of-bounds read vulnerability exists in the Schneider Electric SAGE RTUs, which can be exploited by an attacker to cause a denial of service in the...

Schneider Electric SAGE RTUs Security Vulnerability

Schneider Electric SAGE RTUs is a high-performance device for industrial automation and remote monitoring from Schneider Electric France. A security vulnerability exists in the Schneider Electric SAGE RTUs that stems from the presence of incorrect default permissions that allow authenticated user...

Schneider Electric SAGE RTUs Security Vulnerability

Schneider Electric SAGE RTUs is a high-performance device for industrial automation and remote monitoring from Schneider Electric France. A security vulnerability exists in the Schneider Electric SAGE RTUs that stems from buffer copying without checking the input size, which could allow a user wi...

CVE-2023-36608

The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm...

Siemens SICAM A8000 Devices CPCI85 Firmware Command Injection Vulnerability

The SICAM A8000 RTUs Remote Terminal Units series is a modular device family for remote control and automation applications in all areas of energy supply. A command injection vulnerability exists in the Siemens SICAM A8000 Devices CPCI85 Firmware, which can be exploited by an attacker to execute...

Siemens CP-8031 MASTER MODULE 命令注入漏洞

The SICAM A8000 RTUs Remote Terminal Units series is a modular device family for remote control and automation applications in all areas of energy supply. A command injection vulnerability exists in the Siemens SICAM A8000 Devices CPCI85 Firmware, which can be exploited by an attacker to execute...

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an Industrial Control Systems ICS advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the...

Schneider Electric Easergy Builder Code Issue Vulnerability

Schneider Electric Easergy Builder is a set of configuration software for Easergy remote terminal units and controllers from Schneider Electric, France. A code issue vulnerability exists in Schneider Electric Easergy Builder version 1.7.23 and earlier, which stems from the presence of an...

CVE-2022-30262

The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. They utilize the BSAP-IP protocol to transmit firmware updates. Firmware updates are supplied as CAB archive files containing a binary firmware image. In all cases, firmware images were found to have n...

CVE-2022-29960

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. DES with hardcoded cryptographic keys is used for protection of certain system credentials, engineering files, and sensitive utilities...

Emerson OpenBSI 加密问题漏洞

Emerson OpenBSI is a set of web-based communication services designed for technicians, engineers, and operators from Emerson Electric USA that provide access to ControlWave RTUs. A security vulnerability exists in versions of Emerson OpenBSI prior to 2022-04-29 that stems from the use of weak...

PT-2022-3090 · Motorola · Motorola Moscad Toolbox

Name of the Vulnerable Software and Affected Versions: Motorola MOSCAD Toolbox software through 2022-05-02 Description: The issue concerns the use of a cleartext password in the Motorola MOSCAD Toolbox software. This password is stored in the wmdlcdrv.ini driver configuration file and is used for...

Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units RTUs that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service. "Successful exploitation of these vulnerabilities...

Duplicate numbering

Freyrscada IEC-60879-5-104 Server Simulator is a software from Freyrscada India for simulating communication between IEDs and RTUs over TCP. The software is written in C for all POSIX compliant operating systems and supports single server simulation with multiple workstations. "Obsolete" Do not u...

SIEMENS SICAM A8000 RTUs SSL Configuration Insecurity Vulnerability

The SIEMENS SICAM A8000 RTUs Remote Terminal Units series is a modular device family for remote control and automation applications in all areas of energy supply. A security vulnerability exists in the SIEMENS SICAM A8000 RTUs. An attacker could exploit the vulnerability to decrypt communications...

Schweitzer Engineering Laboratories Communications Processor Communications Processor Detection

Binary data 755331.prm...

CVE-2017-12737

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server port 80/tcp of the affected devices could allow unauthenticated remote attackers to obtain sensitive device information over the...