Skip to main content
← All Articles

Tag

#ICS

50 articles

Advertisement

VU
MEDIUM
Vulnerabilities

CVE-2026-4293: Kieback & Peter DDC XSS — Mitigate Building Controller Risks

CISA warns of CVE-2026-4293, a Cross-site Scripting vulnerability in Kieback & Peter DDC Building Controllers. Attackers could control victim browsers, affecting

Runtime Rebel Intel
4 min read·May 19, 2026
VU
HIGH
Vulnerabilities

CVE-2026-40175: Siemens gWAP RCE via Axios Prototype Pollution

Siemens gWAP is vulnerable to RCE via CVE-2026-40175, a prototype pollution flaw in the Axios HTTP client library. Update to v3.1.1 or later.

Runtime Rebel Intel
4 min read·May 14, 2026
VU
HIGH
Vulnerabilities

CVE-2026-6411: MAXHUB Pivot Client Hardcoded AES Key — Patch Guide

Exploit analysis of CVE-2026-6411 in MAXHUB Pivot client. Learn how hardcoded AES keys and MQTT enrollment flaws lead to data disclosure and DoS.

Runtime Rebel Intel
4 min read·May 8, 2026
VU
MEDIUM
Vulnerabilities

ABB B&R Automation Runtime DoS via CVE-2025-11044 — Patch Now

An unauthenticated network DoS vulnerability (CVE-2025-11044) affects ABB B&R Automation Runtime, allowing permanent system halts. Immediate patching is critical.

Runtime Rebel Intel
4 min read·May 6, 2026
VU
HIGH
Vulnerabilities

CVE-2025-11043: ABB Automation Studio <6.5 Improper Certificate Validation

Critical manufacturing systems running ABB B&R Automation Studio <6.5 are vulnerable to CVE-2025-11043, allowing data interception and spoofing via improper certificate

Runtime Rebel Intel
5 min read·May 6, 2026
VU
HIGH
Vulnerabilities

CVE-2025-14510: ABB Ability OPTIMAX Azure AD SSO Auth Bypass

CISA warns of CVE-2025-14510 impacting ABB Ability OPTIMAX, allowing authentication bypass on Azure AD SSO integrations. Patch immediately.

Runtime Rebel Intel
4 min read·May 1, 2026
VU
HIGH
Vulnerabilities

ABB AWIN Gateways Authentication Bypass and DoS Vulnerabilities

Critical vulnerabilities in ABB AWIN GW100 and GW120 gateways could allow unauthenticated attackers to reboot devices or extract sensitive configuration data.

Runtime Rebel Intel
3 min read·Apr 30, 2026
VU
MEDIUM
Vulnerabilities

NSA GRASSMARLIN XXE Vulnerability CVE-2026-6807 — Mitigation Guide

CISA warns of a Medium-severity XXE vulnerability in NSA GRASSMARLIN. With the tool reaching end-of-life, defenders must address CVE-2026-6807 via decommissioning.

Runtime Rebel Intel
3 min read·Apr 29, 2026
VU
CRITICAL
Vulnerabilities

CVE-2025-65856: Authentication Bypass in Xiongmai XM530 IP Cameras

Critical authentication bypass (CVE-2025-65856) in Xiongmai XM530 IP Camera firmware allows unauthenticated remote access to video streams and sensitive data.

Runtime Rebel Intel
4 min read·Apr 23, 2026
VU
HIGH
Vulnerabilities

CVE-2026-27668: Privilege Escalation in Siemens RUGGEDCOM CROSSBOW

Authenticated User Administrators can escalate privileges in Siemens RUGGEDCOM CROSSBOW SAM-P versions prior to 5.8. Update to mitigate CVE-2026-27668 risks.

Runtime Rebel Intel
3 min read·Apr 22, 2026
VU
CRITICAL
Vulnerabilities

Silex SD-330AC and AMC Manager RCE via CVE-2026-32956 — Patch Now

Silex Technology devices face critical RCE and DoS risks via 13 vulnerabilities. Critical infrastructure defenders must update to firmware Ver 1.50 immediately.

Runtime Rebel Intel
4 min read·Apr 22, 2026
Securing Serial-to-IP Devices: Mitigating Thousands of OT Bugs
HIGH
Vulnerabilities

Securing Serial-to-IP Devices: Mitigating Thousands of OT Bugs

Industrial serial-to-IP converters are riddled with thousands of vulnerabilities, posing a significant risk to legacy infrastructure and OT environments.

Runtime Rebel Intel
4 min read·Apr 20, 2026