OT Security Hub

Tampil

Critical

CVE unik

Emergency

43 / 43

Vendor:Sektor:Sev:Sort:

ICSA-25-204-01 ↗criticalGovernmentCISA · 2026-05-22

Rockwell Automation · GuardLogix 5580

Safety task tampering via CIP.

Mitigation: Firmware v34.014.

Sektor: ManufacturingVendor: Rockwell AutomationCVEs:CVE-2025-4910 ↗Sumber resmi ↗

SEVD-2025-167-02 ↗highVendorSchneider PSIRT · 2026-05-15

Schneider Electric · Modicon M340

DoS via crafted Modbus packet.

Mitigation: Firmware v3.40; segmentasi.

Sektor: EnergyVendor: Schneider ElectricCVEs:CVE-2025-4488 ↗Sumber resmi ↗

HON-2025-022 ↗highVendorHoneywell PSIRT · 2026-05-12

Honeywell · Experion PKS

Privilege escalation service account.

Mitigation: Hotfix portal HPS.

Sektor: Oil & GasVendor: HoneywellCVEs:CVE-2025-1042 ↗Sumber resmi ↗

SSA-2025-244 ↗criticalVendorSiemens ProductCERT · 2026-05-09

Siemens · SINAMICS S210

RCE pada drive web interface.

Mitigation: Update fw 6.4; disable web interface.

Sektor: ManufacturingVendor: SiemensCVEs:CVE-2025-5102 ↗Sumber resmi ↗

SEVD-2025-127-04 ↗highVendorSchneider PSIRT · 2026-05-07

Schneider Electric · Modicon M580

Cleartext credential channel diagnostik.

Mitigation: Firmware SV4.20 + segmentasi.

Sektor: EnergyVendor: Schneider ElectricCVEs:CVE-2025-2188 ↗Sumber resmi ↗

2CDC012220M0211 ↗criticalVendorABB Cyber Security · 2026-05-02

ABB · RTU500 series

Auth bypass HTTP REST API.

Mitigation: Update 13.4 LTS.

Sektor: EnergyVendor: ABBCVEs:CVE-2025-3917 ↗Sumber resmi ↗

ICSA-25-119-01 ↗criticalGovernmentCISA · 2026-04-29

Siemens · SIMATIC S7-1500

Authentication bypass web management.

Mitigation: Update firmware 3.1.5+, disable web management.

Sektor: MultiVendor: SiemensCVEs:CVE-2025-3211 ↗Sumber resmi ↗

ICSA-25-119-02 ↗criticalGovernmentCISA · 2026-04-29

Rockwell Automation · ControlLogix 5580

Stack overflow EtherNet/IP parser.

Mitigation: Firmware v34.013+.

Sektor: ManufacturingVendor: Rockwell AutomationCVEs:CVE-2025-2310 ↗Sumber resmi ↗

HON-2025-027 ↗highVendorHoneywell PSIRT · 2026-04-25

Honeywell · Safety Manager

Improper auth pada engineering interface SIS.

Mitigation: Firmware R163; segmentasi SIS.

Sektor: PetrochemicalVendor: HoneywellCVEs:CVE-2025-3611 ↗Sumber resmi ↗

2CDC012220M0202 ↗highVendorABB Cyber Security · 2026-04-19

ABB · AC500 V3

Buffer overflow web server onboard.

Mitigation: Disable web interface, update firmware.

Sektor: ManufacturingVendor: ABBCVEs:CVE-2025-0871 ↗Sumber resmi ↗

EMR-2025-009 ↗highVendorEmerson · 2026-04-18

Emerson · Ovation

Path traversal historian.

Mitigation: Hotfix Emerson.

Sektor: EnergyVendor: EmersonCVEs:CVE-2025-3104 ↗Sumber resmi ↗

MEEFB-2025-004 ↗highVendorMitsubishi PSIRT · 2026-04-10

Mitsubishi Electric · GOT2000

Stored XSS HMI web access.

Mitigation: Firmware 01.78.000+.

Sektor: ManufacturingVendor: Mitsubishi ElectricCVEs:CVE-2025-2812 ↗Sumber resmi ↗

AA26-WATER-DEF ↗criticalEmergencyCISA Joint Advisory · 2026-04-02

Multi · Internet-exposed PLC water

Aktivitas aktif CyberAv3ngers terhadap PLC Unitronics & Vision.

Mitigation: Putus exposure, ganti default password, MFA remote.

Sektor: WaterVendor: MultiSumber resmi ↗

JPCERT-OT-2026-002 ↗highCERTJPCERT/CC · 2026-03-28

Multi · OT vendor remote tool

Penyalahgunaan tool remote support vendor di pabrik Jepang.

Mitigation: Audit vendor remote access, jump host wajib.

Sektor: ManufacturingVendor: MultiSumber resmi ↗

BSI-CSW-2026-007 ↗highGovernmentBSI Germany · 2026-03-20

Multi · Energy sector OT

Aktivitas Sandworm meningkat menjelang exercise NATO.

Mitigation: Threat hunt LotL, MFA, monitor IEC-104.

Sektor: EnergyVendor: MultiSumber resmi ↗

CERT-EU-2025-014 ↗highCERTCERT-EU · 2026-02-18

Multi · Energy SCADA

Kampanye Sandworm baru menargetkan ICCP/IEC-104.

Mitigation: Monitor IEC-104, threat hunt Volt Typhoon/Sandworm TTP.

Sektor: EnergyVendor: MultiSumber resmi ↗

MEEFB-2024-009 ↗criticalVendorMitsubishi PSIRT · 2025-12-08

Mitsubishi Electric · MELSEC iQ-R

Auth bypass via SLMP.

Mitigation: Patch + filter SLMP.

Sektor: ManufacturingVendor: Mitsubishi ElectricCVEs:CVE-2024-8412 ↗Sumber resmi ↗

AA24-EMERG-OT ↗criticalEmergencyCISA Emergency Directive · 2025-11-02

Multi · Internet-exposed OT

Aktivitas aktif aktor pro-state terhadap PLC water terbuka di internet.

Mitigation: Putus exposure publik, ganti default password, MFA pada akses remote.

Sektor: WaterVendor: MultiSumber resmi ↗

ICSA-25-301-01 ↗criticalGovernmentCISA · 2025-10-28

Siemens · SIPROTEC 5

Pre-auth RCE pada engineering web service relay proteksi.

Mitigation: Update V9.60; blokir port 443 dari corporate; segregasi process bus.

Sektor: EnergyVendor: SiemensCVEs:CVE-2025-6612 ↗Sumber resmi ↗

EMR-2024-031 ↗highVendorEmerson · 2025-10-14

Emerson · DeltaV DCS

Hardcoded credentials service account.

Mitigation: Rotate via tool Emerson.

Sektor: PetrochemicalVendor: EmersonCVEs:CVE-2024-7551 ↗Sumber resmi ↗

SSA-2024-088 ↗highVendorSiemens ProductCERT · 2025-09-09

Siemens · SCALANCE X

Command injection CLI management.

Mitigation: Firmware v6.0+.

Sektor: MultiVendor: SiemensCVEs:CVE-2024-6633 ↗Sumber resmi ↗

SSA-2025-244 ↗criticalVendorSiemens ProductCERT · 2025-09-09

Siemens · SINAMICS S210

RCE pada drive web interface.

Mitigation: Update fw 6.4; disable web; segmentasi drive bus.

Sektor: ManufacturingVendor: SiemensCVEs:CVE-2025-5102 ↗Sumber resmi ↗

SEVD-2025-244-01 ↗criticalVendorSchneider Electric · 2025-09-02

Schneider · Modicon M580 Safety

Tampering safety task via Modbus/UMAS tanpa otentikasi.

Mitigation: Firmware SV4.30; aktifkan Modbus UMAS auth; whitelist IP engineering.

Sektor: MultiVendor: SchneiderCVEs:CVE-2025-6021 ↗Sumber resmi ↗

ICSA-25-231-02 ↗highGovernmentCISA · 2025-08-19

Rockwell · CompactLogix 5380

Heap overflow di parser EtherNet/IP memungkinkan crash/PRC.

Mitigation: Firmware v33.013+; CIP firewall di boundary.

Sektor: ManufacturingVendor: RockwellCVEs:CVE-2025-5544 ↗Sumber resmi ↗

AA25-210A ↗criticalGovernmentCISA/FBI/NSA · 2025-07-29

Multi · Edge VPN/Firewall

Joint advisory: aktor PRC mengeksploitasi appliance edge untuk persistence pre-positioning.

Mitigation: Patch segera; audit konfigurasi; threat hunt LotL.

Sektor: MultiVendor: MultiCVEs:CVE-2025-2244 ↗CVE-2025-2018 ↗Sumber resmi ↗

ICSA-25-204-01 ↗criticalGovernmentCISA · 2025-07-23

Rockwell · GuardLogix 5580

Safety task tampering via CIP.

Mitigation: Firmware v34.014; CIP firewall rule; segmentasi safety.

Sektor: MultiVendor: RockwellCVEs:CVE-2025-4910 ↗Sumber resmi ↗

SEVD-2024-194-05 ↗highVendorSchneider PSIRT · 2025-07-12

Schneider Electric · EcoStruxure Control Expert

Local privilege escalation via DLL hijack.

Mitigation: Update v17.x.

Sektor: ManufacturingVendor: Schneider ElectricCVEs:CVE-2024-5912 ↗Sumber resmi ↗

ICSA-24-165-01 ↗highGovernmentCISA · 2025-06-13

Rockwell Automation · FactoryTalk View SE

RCE via project file parsing.

Mitigation: Patch BF28055.

Sektor: ManufacturingVendor: Rockwell AutomationCVEs:CVE-2024-4233 ↗Sumber resmi ↗

VDE-2025-022 ↗highCERTCERT@VDE · 2025-06-12

Phoenix Contact · mGuard rs4000

Auth bypass admin web interface industrial firewall.

Mitigation: Firmware 10.5; nonaktifkan admin web dari WAN.

Sektor: MultiVendor: Phoenix ContactCVEs:CVE-2025-1611 ↗Sumber resmi ↗

ICSA-25-160-03 ↗highGovernmentCISA · 2025-06-09

Rockwell · FactoryTalk Linx

Buffer overflow di CIP message handler.

Mitigation: Patch BF31044; segmentasi engineering.

Sektor: ManufacturingVendor: RockwellCVEs:CVE-2025-2710 ↗Sumber resmi ↗

HON-2024-014 ↗mediumVendorHoneywell PSIRT · 2025-05-21

Honeywell · ControlEdge PLC

DoS via crafted EtherNet/IP.

Mitigation: Firmware R151+.

Sektor: Oil & GasVendor: HoneywellCVEs:CVE-2024-3104 ↗Sumber resmi ↗

YSAR-25-0003 ↗criticalVendorYokogawa · 2025-05-21

Yokogawa · ProSafe-RS

Auth bypass engineering protocol pada SIS.

Mitigation: Upgrade R4.06; SIS air-gap; key-switch enforcement.

Sektor: Oil & GasVendor: YokogawaCVEs:CVE-2025-4810 ↗Sumber resmi ↗

HON-2025-027 ↗highVendorHoneywell · 2025-05-15

Honeywell · Safety Manager

Improper auth pada engineering interface SIS.

Mitigation: Firmware R163; segmentasi SIS dari BPCS.

Sektor: Oil & GasVendor: HoneywellCVEs:CVE-2025-3611 ↗Sumber resmi ↗

AA25-119A ↗criticalEmergencyCISA · 2025-04-29

Siemens · SIMATIC S7-1500

Auth bypass di web mgmt PLC; eksploitasi aktif diobservasi.

Mitigation: Update 3.1.5+; nonaktifkan web mgmt; isolasi cell.

Sektor: MultiVendor: SiemensCVEs:CVE-2025-3211 ↗Sumber resmi ↗

EISAC-2025-04 ↗highCERTE-ISAC · 2025-04-10

Multi · IEC-104 RTU

Volt/Voltzite recon terhadap IEC-104 RTU US utility.

Mitigation: Threat hunt LotL; egress filter; isolasi process bus.

Sektor: EnergyVendor: MultiSumber resmi ↗

FG-IR-25-119 ↗highVendorFortinet PSIRT · 2025-03-11

Fortinet · FortiGate Rugged

SSL VPN heap overflow di firewall ruggedized.

Mitigation: FortiOS 7.4.5+; matikan SSL VPN bila tidak perlu.

Sektor: MultiVendor: FortinetCVEs:CVE-2025-2244 ↗Sumber resmi ↗

AUTO-ISAC-2025-02 ↗mediumCERTAuto-ISAC · 2025-03-05

Multi · Auto Supplier IT

Ransomware DragonForce/Akira meningkat menyerang Tier-1/2 auto supplier.

Mitigation: MFA VPN; ESXi patch; backup tested.

Sektor: ManufacturingVendor: MultiSumber resmi ↗

OPC-FN-2025-002 ↗highCERTOPC Foundation · 2025-02-14

OPC Foundation · UA .NET Standard

Cert validation bypass pada chain custom.

Mitigation: Upgrade 1.5.376+; aktifkan strict cert pinning.

Sektor: MultiVendor: OPC FoundationCVEs:CVE-2025-1812 ↗Sumber resmi ↗

AA25-022A ↗highGovernmentCISA/EPA · 2025-01-22

Unitronics · Vision PLC

Default password Unitronics terus dieksploitasi aktor Iran-linked di water utility.

Mitigation: Ganti default password; hapus exposure internet; lapor CISA.

Sektor: WaterVendor: UnitronicsSumber resmi ↗

H-ISAC-2024-12 ↗criticalCERTH-ISAC · 2024-12-18

Multi · Healthcare IT

Qilin & RansomHub aktif menyerang lab & rumah sakit global.

Mitigation: Identity hardening; backup tested; tabletop IR.

Sektor: HealthcareVendor: MultiSumber resmi ↗

ICSA-24-330-02 ↗highGovernmentCISA · 2024-11-25

Rockwell · Stratix 5800

Command injection di IOS-XE web UI switch industrial.

Mitigation: Upgrade IOS-XE 17.12.3; nonaktifkan HTTP server.

Sektor: ManufacturingVendor: RockwellCVEs:CVE-2024-11505 ↗Sumber resmi ↗

SSA-2024-281 ↗criticalVendorSiemens ProductCERT · 2024-10-08

Siemens · RUGGEDCOM ROX II

Remote root via SNMPv3 di router substation.

Mitigation: Firmware 2.16; SNMPv3 hanya internal.

Sektor: EnergyVendor: SiemensCVEs:CVE-2024-13207 ↗Sumber resmi ↗

WW-EMERG-2024-08 ↗criticalEmergencyWaterISAC · 2024-08-20

Multi · Internet-exposed HMI

Spike eksploitasi HMI water utility yang exposed ke internet.

Mitigation: Audit shodan; lepas dari internet; MFA remote access.

Sektor: WaterVendor: MultiSumber resmi ↗

Sumber resmi yang diagregasi