CISA (ICS)
06/09/2026
Summary Schneider Electric is aware of its vulnerability in its EcoStruxure Panel Server offer. The EcoStruxure Panel Server is a high performance, modular gateway with enhanced cybersecurity that provides easy and fast connections to multiple concurrent edge control or cloud applications. Failure to apply the remediations provided below may risk …
SIEMENS CERT
06/09/2026
Siemens ET 200 devices contain a denial-of-service vulnerability that could be triggered by sending a valid S7 protocol Disconnect Request (COTP DR TPDU), causing the device to become unresponsive and require a power cycle to recover. Siemens has released new versions for several affected products and recommends to update to …
SIEMENS CERT
06/09/2026
Affected products do not properly restrict access permissions to a local Windows Named Pipe and do not properly sanitize user-controllable input sent to that Named Pipe. This could allow a local authenticated attacker to cause a type confusion and execute arbitrary code within the affected application and its privileges. Siemens …
SIEMENS CERT
06/09/2026
OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix …
SIEMENS CERT
06/09/2026
This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SCALANCE, RUGGEDCOM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., SCALANCE or RUGGEDCOM devices) and a RADIUS server (e.g., SINEC INS), to …
SIEMENS CERT
06/09/2026
This advisory documents the impact of CVE-2024-3596 (also dubbed “Blastradius”), a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., a SICAM device) and a RADIUS server, to forge Access-Request packets in …
SIEMENS CERT
06/09/2026
Siemens’ User Management Component (UMC) is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. Siemens has released a new version for User Management Component (UMC) and recommends to update to the latest version. Siemens recommends …
SIEMENS CERT
06/09/2026
SIPROTEC 5 is vulnerable to arbitrary file uploads by authenticated users using the DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, potentially causing a permanent denial of service condition. As a mitigation measure, users of the CP050 and CP150 device models are advised to upgrade …