Cisa Advisory
The latest Cisa Advisory coverage — news, analysis, and updates from the WindowsNews.AI desk.
CISA Warns ABB AC500 V2 PLC Flaw Leaks Data via Modbus TCP
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has amplified a critical advisory for industrial control systems, republishing ABB’s security notice for CVE-2025-7745 on May 26,...
CISA Flags Critical Hard-Coded VNC Password in Eppendorf BioFlo 320 Bioreactor
A medical device used in pharmaceutical and biotech production carries a vulnerability so basic it could let attackers waltz into critical systems. The Cybersecurity and Infrastructure Security...
CISA Warns: PixieFail Flaws Still Expose ABB B&R Industrial PCs
{ "title": "CISA Warns ABB B&R Industrial PCs: PixieFail UEFI Network Vulnerabilities (2026)", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has sounded the...
ABB & CISA Warn: Patch B&R Automation Studio 6.5 SQLite Flaws Now
ABB’s B&R Automation Studio software versions earlier than 6.5, including version 6.5 itself, contain critical vulnerabilities tied to an outdated third-party SQLite database component. The...
Hitachi Energy GMS600 v1.3.2 fixes OpenSSL timing flaw CVE-2022-4304
Hitachi Energy has confirmed that two versions of its GMS600 grid monitoring system carry a dangerous OpenSSL vulnerability that could allow attackers to decrypt network traffic through timing...
CISA Warns ABB Terra AC Wallbox JP Users: Patch Memory Flaws with Firmware 1.8.36
The Cybersecurity and Infrastructure Security Agency (CISA) has republished an advisory from ABB on May 21, 2026, warning owners of the Terra AC wallbox JP charger about three medium‑severity...
CISA Warns ZKTeco CCTV Flaw CVE-2026-8598 Exposes Plain-Text Passwords
{ "title": "CISA Warns ZKTeco CCTV CVE-2026-8598: Unauthenticated Config Export Exposes Credentials", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent...
CISA Warns: ScadaBR 1.2.0 Bugs Enable Unauthenticated RCE on OT Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning for industrial organizations worldwide: the open-source SCADA platform ScadaBR version 1.2.0 harbors four...
Critical Session Hijacking Flaw in Siemens SIPROTEC 5 Relays Demands Immediate OT Action, CISA Warns
Operators of Siemens SIPROTEC 5 protection relays must urgently assess and patch their devices after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) amplified a alert about a serious...
CISA Warns of PowerSYSTEM Center Flaws in Energy Sector ICS
The Cybersecurity and Infrastructure Security Agency (CISA) released an industrial control systems (ICS) advisory on May 12, 2026, warning that multiple authenticated-user vulnerabilities affect...
CVE-2026-21661 DLL hijack in CEM AC2000 v10.6–12.0 raises privilege to SYSTEM on Windows.
CISA republished a security advisory on May 5, 2026, amplifying a warning from Johnson Controls about a high-severity DLL hijacking vulnerability in its CEM AC2000 access control system. Tracked as...
PCM600 Zip Slip Path Traversal Flaw Prompts CISA Warning for OT Engineering Workstations
CISA has republished a Hitachi Energy advisory detailing a critical path traversal vulnerability in the PCM600 configuration tool, a mainstay for protection and control engineers in electric utility...