ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Rockwell

https://www.securityweek.com/wp-content/uploads/2023/11/ICS_Patches.jpg

Industrial giants Siemens, Schneider Electric, and Rockwell Automation have published July 2026 Patch Tuesday advisories to inform customers about vulnerabilities found in their ICS products.

Siemens published nine new advisories, including six that cover critical vulnerabilities (based on CVSS score). A CVSS score of 10 has been assigned to a token invalidation vulnerability in Opencenter X that allows an attacker to bypass authentication and gain full access to the application.

Critical vulnerabilities have also been patched or mitigated by Siemens in Mendix, Sidis Secured SmartPlug, Simatic S7-1500, Cadra, and Desigo CC. The security holes, many of which affect third-party components, can be exploited to launch DoS attacks, execute code, obtain sensitive data, and escalate privileges.

SecurityWeek ICS Cybersecurity Conference Heads to Nashville for Special 25-Year Anniversary Edition

Siemens addressed high-severity vulnerabilities in Simatic S7-PLCSIM, Ruggedcom APE1808, Comos, Designcenter, Simcenter, Solid Edge, and Tecnomatrix products.

Schneider Electrichas released two new...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

Read more

https://cdn.mos.cms.futurecdn.net/XJSQzQT4zhhbAQGwWdyCVf-2000-80.jpg

New York becomes the first US state to ban hyperscaler data centers, says it will 'lead the way in creating the strongest standards in the nation for data center developmen'

* New York State has temporarily banned new, large-scale data centers * One-year moratorium affects new 50MW+ campuses * NY wants to assess community, environmental and grid impacts New York State has banned the construction of new hyperscaler data centers, marking the latest step as mounting local opposition against AI and cloud facilities