Advertisement
CVE-2024-2821: Critical RCE in Daktronics Controllers — Patch Now
Critical vulnerabilities (CVE-2024-2821, CVE-2024-2822, CVE-2024-2823) in Daktronics Venus 1500 and Vanguard controllers allow remote hacking of highway signs and
Rockwell RSLinx <4.50.00 RCE via CVE-2020-13573 — Patch Now
Urgent advisory for Rockwell RSLinx Classic users. CVE-2020-13573, a stack-based buffer overflow, enables remote code execution and DoS. Patch <=4.50.00.
CVE-2026-11317: Rockwell Logix DoS via CIP — Patch Critical ICS
Critical Manufacturing faces high-severity DoS risk in Rockwell Automation Logix 5370 & 5570 controllers from CVE-2026-11317. Patch now.
ICS Exposure Persists as OT Attack Surface Expands
Analysis of Industrial Control System (ICS) exposure, its persistence amidst expanding attack surfaces, and vital steps for operational technology security.
Siemens KACO Blueplanet Inverter Vulnerabilities: CVE-2025-40946 & CVE-2026-41125
Critical Siemens KACO Blueplanet Inverters are vulnerable to credential derivation (CVE-2025-40946) and SQL injection (CVE-2026-41125). Update now to mitigate
Hitachi Energy MACH HiDraw RCE via CVE-2026-7310 — Patch Guide
Hitachi Energy addresses a heap-based buffer overflow in MACH HiDraw version 9.22. Learn how to mitigate CVE-2026-7310 and protect critical ICS assets.
CVE-2026-6332: Schneider Electric EcoStruxure HVAC Source Code Disclosure
A cleartext storage vulnerability in Schneider Electric EcoStruxure Machine Expert HVAC (CVE-2026-6332) exposes sensitive source code. Update to v1.10.0.
CVE-2021-22291: ABB EIBPORT V3 <3.9.2 Session Hijacking Vulnerability
ABB EIBPORT V3 devices are vulnerable to CVE-2021-22291 (XSS/session hijacking), allowing unauthenticated access and configuration changes. Patch immediately.
CVE-2026-7251: Hard-coded Password in Eppendorf BioFlo 320
Critical hard-coded password vulnerability (CVE-2026-7251) in Eppendorf BioFlo 320 bioreactors allows full remote control. Patch immediately.
ABB B&R Automation Studio <6.5: Multiple Critical SQLite Vulnerabilities
Critical SQLite vulnerabilities in ABB B&R Automation Studio <6.5 expose ICS to RCE, data exposure, and unauthorized access. Update to version 6.5 immediately.
CVE-2022-4304: Hitachi Energy GMS600 Timing Side Channel Vulnerability
Hitachi Energy GMS600 versions 1.3.0-1.3.1 affected by CVE-2022-4304, an OpenSSL timing side channel leading to TLS decryption. Patch to 1.3.2 now.

OT Robot OS Command Injection: Unauthenticated RCE — Patch Now
Critical command injection vulnerability in OT Robot OS allows unauthenticated attackers to gain remote control, posing significant disruption risks to industrial