IoT/OT

RondoDox botnet exploits 2018 ASUS router vulnerability to hijack over 1 million devices.

ABB B&R Automation Runtime <6.4 patched for session hijacking, XSS, and CSV injection flaws.

Hitachi Energy GMS600 versions 1.3.0–1.3.1 vulnerable to OpenSSL timing attack (CVE-2022-4304)

ABB Terra AC Wallbox EV charger has three buffer overflow vulnerabilities affecting firmware versions ≤1.8.33.

Siemens SENTRON 7KT PAC1261 Data Manager HTTP request smuggling flaw allows admin token theft

Siemens Solid Edge SE2026 before Update 5 has two file parsing vulnerabilities in PAR format handling.

Siemens SIMATIC HMI Unified Comfort Panels before V21.0 vulnerable to unauthenticated web browser access via help link.

Siemens Ruggedcom Rox OS command injection vulnerability allows authenticated RCE with root privileges.

Critical OS command injection in Universal Robots Polyscope 5 allows unauthenticated remote code execution.

Siemens Simcenter Femap heap buffer overflow in Datakit library allows RCE via malicious IPT files

Siemens gWAP RCE vulnerability via Axios library prototype pollution gadget chain

Siemens ROS# path traversal vulnerability (CVE-2026-41551) allows arbitrary file access in versions before 2.2.2.

Siemens Teamcenter affected by multiple critical vulnerabilities including XSS, hardcoded credentials, and PDF.js flaw.

Siemens industrial devices contain null pointer dereference vulnerability enabling denial of service via crafted IPv4

Siemens Ruggedcom Rox improper access control flaw allows authenticated remote file read with root privileges

Siemens Opcenter RDnL affected by missing authentication in ActiveMQ Artemis (CVE-2026-27446)

Siemens SIPROTEC 5 uses weak session IDs vulnerable to brute-force hijacking attacks

Siemens Ruggedcom Rox input validation flaw allows authenticated RCE with root privileges.

Siemens SIMATIC S7 PLC web servers contain multiple XSS vulnerabilities requiring urgent patching.

CISA launches CI Fortify initiative urging critical infrastructure operators to prepare for geopolitical conflict

Siemens, Schneider Electric, and CISA publish May 2026 Patch Tuesday advisories for ICS vulnerabilities.

Subnet Solutions PowerSYSTEM Center CRLF injection vulnerability affects multiple versions

ABB Automation Builder Gateway for Windows exposes PLC networks via insecure default remote access on port 1217.

ABB WebPro SNMP Card PowerValue contains three critical vulnerabilities enabling authentication bypass and DoS attacks.

ABB AC500 V3 PLC critical stack buffer overflow in CMS cryptographic parsing (CVE-2025-15467)

Fuji Electric Tellus 5.0.2 kernel driver flaw allows local privilege escalation (CVE-2026-8108)

ABB AC500 V3 PLCs patched for three critical vulnerabilities enabling auth bypass, cert theft, and DoS

Cyber espionage group targets aviation firms to steal geospatial and GPS data.

MAXHUB Pivot client application CVE-2026-6411 uses hardcoded AES key allowing email disclosure

Outdated maintenance software exposes companies to ransomware via weak access controls and unpatched systems.

Threat actors used Claude AI to guide attack on Mexican water utility's OT systems in January 2026.

New Mirai-derived xlabs_v1 botnet exploits exposed ADB to hijack IoT devices for DDoS attacks.

Researchers demonstrate Rowhammer attack against NVIDIA GPU chips.

CISA issues CI Fortify guidance for critical infrastructure to master isolation and recovery against nation-state

CVE-2026-0073 zero-click RCE in Android Wireless ADB bypasses authentication.

CISA launches CI Fortify initiative urging critical infrastructure operators to prepare for geopolitical conflict

ABB B&R Automation Studio certificate validation flaw allows server spoofing.

Johnson Controls CEM AC2000 DLL hijacking vulnerability (CVE-2026-21661) allows privilege escalation across multiple

ABB B&R PVI vulnerability allows authenticated local attackers to read credentials from client logs.

Hitachi Energy PCM600 path traversal vulnerability (Zip-Slip) affects energy infrastructure worldwide.

ABB B&R Automation Runtime DoS vulnerability (CVE-2025-11044) in ANSL-Server component patched.

AirSnitch attack techniques enable packet interception and injection on Wi-Fi infrastructure, bypassing encryption.

Threat actor 'paws' offers root RCE access to compromised Linux firewall for $1,500 in Monero.

Brazilian DDoS protection firm's infrastructure breached, enabling botnet attacks on ISPs.

ABB AWIN Gateways contain three high-severity authentication bypass flaws affecting critical manufacturing

ABB PCM600 path traversal vulnerability allows arbitrary code execution via crafted messages.

ABB Ability OPTIMAX authentication bypass vulnerability in Azure AD SSO integration.

CVE-2025-3756 in ABB System 800xA and Symphony Plus IEC 61850 allows DoS via crafted packets.

ABB Ability Symphony Plus Engineering affected by four high-severity PostgreSQL vulnerabilities enabling arbitrary code

Critical authentication bypass in ABB Edgenius Management Portal allows arbitrary code execution.