Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...

CISA: Key Secure by Demand Elements for Operational Technology Fact Sheet

This fact sheet addresses key elements for operational technology OT owners and operators to consider when purchasing digital products that automate physical processes, e.g. programmable logic controllers PLCs, human-machine interfaces HMIs, and remote terminal units RTUs. CISA strongly advises...

CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector

Today, CISA and the Environmental Protection Agency EPA released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems WWS facilities with recommendations for limiting the exposure of Human Machine Interfaces HM...

Rockwell Automation FactoryTalk View SE 安全漏洞

Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation. An authentication error vulnerability exists in Rockwell Automation FactoryTalk View SE, which can be exploited by an attacker to send packets to a customer's server from a remote...

Siemens SCALANCE W700产品系列安全漏洞

Siemens SCALANCE is a series of Ethernet switches from Siemens, Germany. It connects to Industrial Control System ICS devices, including Programmable Logic Controllers PLCs and Human Machine Interface HMI systems. A security vulnerability exists in the Siemens SCALANCE W700 product family, which...

VulnCheck KEV: CVE-2023-6448

Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands...

Siemens SCALANCE 安全漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

Siemens SCALANCE 资源管理错误漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

Siemens SCALANCE X-300 Switch Family Devices缓冲区溢出漏洞

SCALANCE X switches are used to connect to industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A buffer overflow vulnerability exists in Siemens SCALANCE X-300 Switch Family...

Siemens SCALANCE X-300 Switch Family Devices跨站请求伪造漏洞

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A cross-site request forgery vulnerability exists in Siemens SCALANCE X-300 Switch...

多款 Siemens 产品跨站请求伪造漏洞

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A cross-site request forgery vulnerability exists in Siemens SCALANCE X-300 Switch...

Schneider Electric Vijeo Designer and Vijeo Designer Basic Trust Management Issues Vulnerability

Schneider Electric Vijeo Designer Basic and Schneider Electric Vijeo Designer are both a suite of programming and design software for HMIs Human Machine Interfaces from Schneider Electric, France. A vulnerability exists in Schneider Electric Vijeo Designer Basic and Vijeo Designer due to a trust...

SIEMENS SCALANCE X witches series authentication bypass vulnerability

SCALANCE X witches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. An authentication bypass vulnerability exists in the SIEMENS SCALANCE X witches family. An attacker could exploit this vulnerability to obtain sensitive...

Multiple SCALANCE X switches products mirror port isolation vulnerability

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. A mirror port isolation vulnerability exists in several SCALANCE X switches products. The vulnerability is due to the monitoring barriers on the affected...

Protecting Critical Infrastructure and Roadways: How Smart Cities Create New Risks

Advanced technology has changed countless facets of everyday life, from internal enterprise processes to consumer pursuits and beyond. Even the design, management and support for large and small cities has shifted thanks to innovative smart city systems. While advanced components to support...

This Week in Security News: Spam Campaigns and Vulnerable Infrastructures

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, see how cybercriminals have learned to become more creative with malware through spam campaigns. Also, understand why securing energy and...

Siemens ICS Switches Hit With Buffer Overflow, Authentication Bugs

There are a number of serious vulnerabilities in the Siemens Ruggedcom WIN switches, including a remotely exploitable buffer overflow and a flaw that could allow an attacker to take actions on the device without authentication. The vulnerabilities affect several models of the Ruggedcom WIN...