FILTERING BY: CLEAR FILTER

CISA ICS Security Advisories: Vulnerabilities in ABB, Siemens, ZKTeco, and Kieback & Peter Systems

Between May 18 and May 24, 2026, CISA and the CCCS released a massive series of ICS/OT security advisories detailing critical vulnerabilities in industrial automation, energy, and building management systems. The research identifies significant flaws, including Remote Code Execution (RCE), Authentication Bypass, Buffer Overflows, and Denial of Service (DoS), affecting hardware from ABB, Siemens, Hitachi Energy, ZKTeco, and Kieback & Peter. Exploitation vectors include network-level access to industrial protocols and firmware, posing risks of unauthorized physical surveillance via ZKTeco, safety compromises in Kieback & Peter controllers, and kinetic impacts in ABB B&R automation environments. Immediate remediation via vendor-provided patches and firmware updates is essential to prevent widespread OT downtime.


LINK COPIED TO CLIPBOARD