Industrial Cybersecurity
The latest Industrial Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.
ABB Freelance Security Lock Flaw Lets Attackers Hijack OT Consoles — Patch Now
ABB and the U.S. Cybersecurity and Infrastructure Security Agency issued a joint advisory in June 2026 warning that a high-severity vulnerability in the Freelance Security Lock component could let...
Siemens Patches Critical WinCC Certificate Manager Vulnerability CVE-2026-24349 with V21 Update 2
Siemens has released an urgent patch for a critical flaw in its WinCC Certificate Manager, tracked as CVE-2026-24349, that left industrial control systems open to man-in-the-middle attacks and...
CISA Sounds Alarm on Unpatched Mitsubishi Electric DoS Flaw in All FX5-ENET/IP Modules
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has republished an advisory for CVE-2026-8806, a high-severity denial-of-service vulnerability that affects every version of...
Mitsubishi Electric Patches Critical CVE-2026-8805 DoS Vulnerability in FX5-EIP EtherNet/IP Modules
Mitsubishi Electric, in coordination with the U.S. Cybersecurity and Infrastructure Security Agency (CISA), disclosed on June 18, 2026, that a remotely exploitable denial-of-service (DoS)...
CISA Alert: Schneider Electric OT Gear Vulnerable to Session Prediction Attacks (CVE-2026-4827)
CISA has urged critical infrastructure operators to immediately patch multiple Schneider Electric power automation products after discovering a session management vulnerability that could let...
CISA Flags Critical Authentication Bypass and DoS Flaws in Rockwell FactoryTalk Historian
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three serious vulnerabilities in Rockwell Automation’s FactoryTalk Historian Site Edition (SE),...
CVE-2026-6865: Schneider Electric’s EasyLogic and Saitel RTUs Exposed to File Theft via Path Traversal Bug
Schneider Electric and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) are urging critical infrastructure operators to immediately patch a path traversal vulnerability that exposes...
CISA Reissues Advisory as Authorization Bypass Vulnerability in Rockwell PavilionX Demands Immediate Patching
The U.S. Cybersecurity and Infrastructure Security Agency on June 16, 2026, republished a Rockwell Automation security advisory detailing a missing-authorization flaw in FactoryTalk Analytics...
Schneider Electric Patches Critical RADIUS Authentication Bypass in Modicon, Connexium Switches
Schneider Electric has released firmware updates to address a critical vulnerability in its Connexium, Modicon, and Modicon Redundancy managed switches that could allow attackers to bypass RADIUS...
Schneider Electric Patches CVE-2026-6332: Cleartext Source Code Flaw in HVAC Software Versions Before 1.10.0
Schneider Electric fixed a cleartext storage vulnerability in its EcoStruxure Machine Expert HVAC software on May 12, 2026. The flaw, tracked as CVE-2026-6332, allows source code to be stored in...
ABB B&R Controller Flaw Lets Unauthenticated Attackers Crash Critical Systems
CISA has republished an advisory from ABB on May 26, 2026, shining a spotlight on CVE-2025-3450—a vulnerability that allows an unauthenticated network attacker to trigger denial-of-service...
CISA Warns ABB AC500 V2 PLC Flaw Leaks Data via Modbus TCP
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has amplified a critical advisory for industrial control systems, republishing ABB’s security notice for CVE-2025-7745 on May 26,...