Skip to main content
← All Articles

Tag

#ICS

50 articles

Advertisement

VU
CRITICAL
Vulnerabilities

CVE-2026-5387: AVEVA Pipeline Simulation Privilege Escalation

Unauthenticated attackers can exploit CVE-2026-5387 in AVEVA Pipeline Simulation <=2025_SP1_build_7.1.9497.6351 to modify critical ICS simulation parameters and training

Runtime Rebel Intel
4 min read·Apr 17, 2026
VU
HIGH
Vulnerabilities

ICS Patch Tuesday: 8 Industrial Giants Patch Critical Vulnerabilities

Analysis of new security advisories from Siemens, Schneider Electric, and others regarding critical infrastructure vulnerabilities and remediation steps.

Runtime Rebel Intel
3 min read·Apr 15, 2026
TH
CRITICAL
Threat Intel

Iranian Actors Target Rockwell PLCs: 4,000 US Devices Exposed

Iranian-linked cyber actors have identified nearly 4,000 exposed US industrial control systems, primarily Rockwell Automation PLCs, raising critical infrastructure

Runtime Rebel Intel
4 min read·Apr 10, 2026
VU
CRITICAL
Vulnerabilities

CVE-2025-13926: Critical Flaw in Contemporary Controls BASC 20T

CISA warns of a CVSS 9.8 vulnerability in Contemporary Controls BASControl20 3.1. Attackers can forge packets to reconfigure or delete PLC components.

Runtime Rebel Intel
3 min read·Apr 10, 2026
TH
HIGH
Threat Intel

Iran-Linked Cyber Attacks Persist Despite Israel-Hezbollah Ceasefire

Iran-affiliated threat actors maintain operational tempo against US critical infrastructure, disregarding kinetic pauses in Middle East regional conflicts.

Runtime Rebel Intel
3 min read·Apr 9, 2026
Iranian Hackers Targeting U.S. Critical Infrastructure via PLCs
CRITICAL
Threat Intel

Iranian Hackers Targeting U.S. Critical Infrastructure via PLCs

U.S. agencies warn of Iran-linked hackers disrupting critical infrastructure by exploiting internet-exposed PLCs to manipulate data and halt operations.

Runtime Rebel Intel
4 min read·Apr 8, 2026
VU
HIGH
Vulnerabilities

Mitsubishi Electric ICS Vulnerabilities Expose SQL Credentials

High-severity vulnerabilities (CVE-2025-14815, CVE-2025-14816) in Mitsubishi Electric ICS/SCADA products risk SQL credential exposure and data compromise.

Runtime Rebel Intel
4 min read·Apr 7, 2026
VU
CRITICAL
Vulnerabilities

Ivanti Connect Secure RCE: Internal Network Vulnerability Detection

Analyze the impact of Ivanti Connect Secure vulnerabilities and learn how to conduct internal network vulnerability scanning for Ivanti appliances to detect flaws.

Runtime Rebel Intel
3 min read·Apr 3, 2026
VU
MEDIUM
Vulnerabilities

Yokogawa CENTUM VP CVE-2025-7741 Hardcoded Password Patch Guidance

CISA identifies a hardcoded password in Yokogawa CENTUM VP (CVE-2025-7741). Learn how to secure the PROG account and apply the R7.01.10 patch now.

Runtime Rebel Intel
4 min read·Apr 3, 2026
VU
CRITICAL
Vulnerabilities

CVE-2026-3356: Anritsu Remote Spectrum Monitor Authentication Bypass

Critical CVE-2026-3356 allows authentication bypass in Anritsu Remote Spectrum Monitors. Attackers can alter settings, obtain sensitive data, and disrupt device

Runtime Rebel Intel
4 min read·Mar 31, 2026
VU
CRITICAL
Vulnerabilities

CVE-2026-3587: WAGO Switches CLI Escape Leads to Full Device Compromise

Critical flaw CVE-2026-3587 in WAGO Industrial Managed Switches allows unauthenticated remote attackers to fully compromise devices via CLI escape. Update firmware

Runtime Rebel Intel
5 min read·Mar 26, 2026
VU
CRITICAL
Vulnerabilities

Schneider Electric Plant iT/Brewmaxx RCE via Multiple Redis Vulnerabilities

Multiple critical and high-severity vulnerabilities in Schneider Electric Plant iT/Brewmaxx 9.60+ (Redis component) enable RCE and privilege escalation, affecting

Runtime Rebel Intel
4 min read·Mar 24, 2026