Critical Infrastructure
The latest Critical Infrastructure coverage — news, analysis, and updates from the WindowsNews.AI desk.
Urgent: Siemens RUGGEDCOM APE1808 Bugs Let Attackers Hijack Industrial Control Appliances
{ "title": "Urgent: Siemens RUGGEDCOM APE1808 Bugs Let Attackers Hijack Industrial Control Appliances", "content": "Siemens has disclosed two high-severity vulnerabilities in its RUGGEDCOM...
Siemens SIPROTEC 4 Vulnerability Rated CVSS 8.7, No Fix Planned for Most Affected Relays
Siemens has disclosed a remotely exploitable denial-of-service vulnerability, tracked as CVE-2024-52504, that affects a wide array of SIPROTEC 4 and SIPROTEC 4 Compact protection relays—and the...
CISA, NSA, FBI Release Guidance for OT Asset Inventories to Fortify Critical Infrastructure
On August 13, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) joined forces with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Environmental...
Patch Now: AVEVA PI Integrator Vulnerabilities Could Let Attackers Hijack OT Analytics
On August 12, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an industrial control systems (ICS) advisory warning of two high-severity vulnerabilities in AVEVA’s...
CISA Alerts to Critical EG4 Inverter Flaws That Expose Solar Infrastructure to Remote Sabotage
A cluster of high-severity vulnerabilities in every major EG4 Electronics solar inverter model has set off alarm bells across the global energy sector, with the U.S. Cybersecurity and Infrastructure...
Critical Authentication Bypass in Burk ARC Solo Exposes Broadcast Systems to Remote Takeover
A critical vulnerability in Burk Technology's ARC Solo remote site controller allows attackers to change the device password without any credentials, enabling full device takeover and raising alarms...
CISA Drops 10 ICS Advisories: Flaws Threaten Delta, JCI, EG4 Inverters and Critical Infrastructure
A flood of industrial vulnerabilities hit the cybersecurity landscape last week as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) dropped ten Industrial Control Systems (ICS)...
Rockwell Automation Patches Three High-Severity Arena Simulation Bugs Poised to Cripple Critical Manufacturing
Three newly disclosed vulnerabilities in Rockwell Automation’s Arena simulation software have shaken the industrial security landscape, exposing global manufacturers to file-based attacks that can...
Critical 8.4 CVSS Flaw in Johnson Controls FX Controllers Threatens Building Automation Systems Worldwide
Critical infrastructure operators worldwide are scrambling to apply emergency patches after a dangerous new vulnerability was disclosed in Johnson Controls’ FX80, FX90, and FX Server platforms....
Patch Now: 9.3-Rated Path Traversal in Delta DIAView ICS Puts Critical Sectors at Risk
A severe path traversal vulnerability in Delta Electronics’ DIAView industrial automation platform has sent shockwaves through the operational technology community, after federal cybersecurity...
Packet Power ICS Flaw Lets Attackers Seize Control of Energy Grids Without Login
A remotely exploitable authentication bypass in Packet Power’s energy monitoring devices has thrust the industrial control system (ICS) world into an urgent patching cycle. Designated...
Critical ICS Vulnerability CVE-2025-7376 in Mitsubishi Electric ICONICS Suite Demands Immediate Action
Security vulnerabilities in industrial control systems (ICS) may sound like arcane topics for those outside operational technology circles, but their real-world consequences ripple through...