Bulletins

The embedded web server on affected devices contains a buffer overflow vulnerability. This could allow remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL. Siemens has released new versions for the affected products and recommends to update to the latest …

COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix …

Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions.

A vulnerability was identified in the Automation License Manager software before V5.2 that could be triggered by sending specially crafted packets to port 4410/tcp of an affected system. This could cause a denial of service preventing legitimate users from using the system. Siemens has released a new version for Automation …

Summary Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras. The following versions of TP-Link Systems Inc. VIGI Series IP Camera are affected: VIGI Cx45 Series Models C345, C445 <=3.1.0_Build_250820_Rel.57668n (CVE-2026-0629) VIGI Cx55 Series Models C355, C455 <=3.1.0_Build_250820_Rel.58873n …

Summary Successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial-of-service condition on the affected product. The following versions of Mitsubishi Electric MELSEC iQ-R Series are …

Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption. The following versions of o6 Automation GmbH Open62541 are affected: Open62541 >=1.5-rc1|<1.5-rc2 (CVE-2026-1301) CVSS Vendor Equipment Vulnerabilities v3 5.7 o6 Automation GmbH o6 Automation GmbH Open62541 Out-of-bounds Write Background Critical …