For the May 2026 Patch Tuesday, Siemens, Schneider Electric, CISA, and CERT@VDE have released new security advisories concerning industrial control system (ICS) vulnerabilities. These updates are crucial for protecting critical infrastructure from potential cyber threats.
Siemens Addresses Critical Security Flaws
Siemens has published 18 new security advisories, several of which cover critical vulnerabilities across its product lines. Key issues include a device takeover flaw in the Sentron 7KT PAC1261 Data Manager and cross-site scripting (XSS) vulnerabilities in the Simatic S7 PLC web server. Siemens also reported command execution as root in Ruggedcom Rox and more than 300 vulnerabilities in third-party components used by the Simatic CN4100.
Siemens has also informed customers of a significant vulnerability in its Ruggedcom APE1808 product stemming from a Palo Alto Networks PAN-OS flaw. The flaw is notable because it is being actively exploited, possibly by state-sponsored actors.
High-Severity Threats in Siemens and Schneider Products
Siemens has also fixed high-severity vulnerabilities that could allow remote code execution in products including Simcenter Femap, Teamcenter, and Ruggedcom Rox. In addition, an information disclosure issue in KACO Blueplanet inverters and a control panel escape issue in Simatic HMI Unified Comfort have been addressed.
Schneider Electric has published four advisories addressing high-severity issues in EcoStruxure Panel Server and other products. The vulnerabilities involve unauthorized file access and session hijacking and pose significant risk if left unpatched.
Additional Security Updates from CISA and CERT@VDE
The Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories for vulnerabilities in several ABB products, as well as products from Subnet Solutions, Fuji Electric, Maxhub, and Johnson Controls. The advisories alert users to the issues and recommend mitigating actions.
Germany’s CERT@VDE has flagged a medium-severity denial of service (DoS) flaw in Codesys Modbus, a reminder that ICS environments require continuous, vigilant security practices.
The release of these advisories underscores the ongoing challenge of securing industrial control systems against cyberattacks. Organizations are urged to review the advisories relevant to their deployed products and apply the corresponding updates promptly to mitigate the risk.
