OT Security Archives • Page 2 of 2 • Daily CyberSecurity

CISA Warns: Critical Longwatch RCE Flaw (CVE-2025-13658, CVSS 9.8) Allows Unauthenticated SYSTEM Takeover of OT Surveillance Longwatch Unauthenticated RCE, Industrial Video & Control

Longwatch Unauthenticated RCE, Industrial Video & Control

CISA Warns: Critical Longwatch RCE Flaw (CVE-2025-13658, CVSS 9.8) Allows Unauthenticated SYSTEM Takeover of OT Surveillance

Do Son December 3, 2025

A critical security vulnerability has been identified in the Longwatch video surveillance and monitoring system developed by...

CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover Iskra iHUB Auth Bypass, Critical Smart Metering Flaw

Iskra iHUB Auth Bypass, Critical Smart Metering Flaw

CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover

Do Son December 3, 2025

A critical security vacuum has been discovered in smart metering infrastructure, potentially leaving utility networks exposed to...

Critical ABB Flaw (CVE-2025-10571, CVSS 9.6) Allows Unauthenticated RCE and Admin Takeover on Edgenius ABB T-MAC Plus vulnerabilities terminal system flaws ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

Critical ABB Flaw (CVE-2025-10571, CVSS 9.6) Allows Unauthenticated RCE and Admin Takeover on Edgenius

Do Son November 24, 2025

ABB has issued an urgent cybersecurity advisory warning customers of a critical authentication bypass vulnerability in the...

Critical GE Vernova ICS Flaw (CVE-2025-3222, CVSS 9.3) Allows Authentication Bypass in Smallworld Master File Server Smallworld Auth Bypass, GE Vernova ICS Flaw

Smallworld Auth Bypass, GE Vernova ICS Flaw

Critical GE Vernova ICS Flaw (CVE-2025-3222, CVSS 9.3) Allows Authentication Bypass in Smallworld Master File Server

Do Son November 11, 2025

GE Vernova’s Electrification Software division has released a critical security advisory addressing a high-severity authentication vulnerability (CVE-2025-3222)...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Operation Zero Disco: Critical Cisco SNMP Flaw (CVE-2025-20352) Used to Implant Linux Rootkits on Switches

Do Son October 16, 2025

Security researchers from Trend Research have uncovered a sophisticated campaign — dubbed “Operation Zero Disco” — in...

Rockwell Automation Patches Privilege Escalation and Denial-of-Service Flaws Across FactoryTalk and ArmorStart Systems

Do Son October 15, 2025

Rockwell Automation has released a series of security advisories addressing vulnerabilities in several of its FactoryTalk and...

Pro-Russian Hacktivist Group TwoNet Exposed for Fabricating Critical Infrastructure Attacks to Boost Reputation IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

IARPA Research Security Data Abyss Report Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

Pro-Russian Hacktivist Group TwoNet Exposed for Fabricating Critical Infrastructure Attacks to Boost Reputation

Do Son October 13, 2025

Forescout Research has uncovered a disturbing new tactic among pro-Russian hacktivists — fabricating real-world critical infrastructure attacks...

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Do Son August 18, 2025

Rockwell Automation has issued a critical security advisory regarding a remote code execution (RCE) vulnerability affecting its...

Critical Erlang/OTP Flaw (CVE-2025-32433) Under Active Exploitation, Allowing Unauthenticated RCE on OT Networks Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical Erlang/OTP Flaw (CVE-2025-32433) Under Active Exploitation, Allowing Unauthenticated RCE on OT Networks

Do Son August 12, 2025

Security researchers at Unit 42 have issued an urgent warning regarding CVE-2025-32433, a CVSS 10.0-rated vulnerability in...

Singapore’s Critical Infrastructure Under Attack by China-Linked UNC3886 APT Singapore Critical Infrastructure, UNC3886

Singapore’s Critical Infrastructure Under Attack by China-Linked UNC3886 APT

Do Son July 28, 2025

The OT Cybersecurity Information Sharing and Analysis Center (OT-ISAC) has released a threat alert detailing an ongoing...

Power Grid ICS Are Exposed — What Does This Mean for Critical Infrastructure? Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Power Grid ICS Are Exposed — What Does This Mean for Critical Infrastructure?

Do Son July 3, 2025

Before 2010, Industrial Control Systems (ICS) mostly operated within isolated Operational Technology (OT) networks and received little...

CVE-2024-9404: Remote DoS Vulnerability Found in Moxa Industrial Switches Moxa Switches, DoS Vulnerability

CVE-2024-9404: Remote DoS Vulnerability Found in Moxa Industrial Switches

Do Son June 13, 2025

Moxa has issued a high-severity security advisory for a newly discovered vulnerability—CVE-2024-9404—that affects its widely deployed PT-G7728...

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access! Weidmueller, Critical Vulnerabilities

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Do Son June 12, 2025

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the...

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data! Siemens Energy, Critical Vulnerability CVE-2025-40585

Siemens Energy, Critical Vulnerability CVE-2025-40585

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data!

Do Son June 12, 2025

Siemens has issued a critical security advisory regarding its Energy Services platform—formerly known as Managed Applications and...

Critical (CVSS 9.8): Weidmueller Switch Flaws Risk Full System Compromise Weidmueller vulnerability Industrial switch hack

Critical (CVSS 9.8): Weidmueller Switch Flaws Risk Full System Compromise

Do Son May 28, 2025

Weidmueller Interface GmbH & Co. KG, a global manufacturer of industrial connectivity and automation solutions, has disclosed...

Siemens RUGGEDCOM Flaws Scored CVSS 9.9: Command Injection Bugs Threaten Industrial Networks RUGGEDCOM, Command Injection

Siemens RUGGEDCOM Flaws Scored CVSS 9.9: Command Injection Bugs Threaten Industrial Networks

Do Son May 14, 2025

Siemens ProductCERT released an urgent security advisory (SSA-301229) detailing multiple command injection vulnerabilities in its RUGGEDCOM ROX...

CISA Warns of Unsophisticated Cyber Actors Targeting U.S. Critical Infrastructure OT Systems

Do Son May 7, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a fresh alert urging critical infrastructure operators...

Cyberattacks Surge Against Energy Sector Amid Geopolitical Tensions Energy Sector, Cyberattacks

Cyberattacks Surge Against Energy Sector Amid Geopolitical Tensions

Do Son April 17, 2025

As geopolitical tensions escalate worldwide, the energy sector has become a primary battlefield in cyberspace. A new...

Critical Alert 1 Active Exploit Detected Today