CISA issues six advisories on vulnerabilities in industrial control systems

The Cybersecurity and Infrastructure Security Agency (CISA) published six advisories addressing vulnerabilities in several Industrial Control Systems (ICS) products, identifying issues that could affect system security across multiple devices and platforms.

The advisories cover the Automated Logic WebCTRL Premium Server, ICAM365 CCTV Camera models, Opto 22 GRV-EPIC and GRV-RIO controller units, Festo MSE6-C2M, D2M, and E2M modules, Festo Didactic products, and the Emerson Appleton UPSMON-PRO. Specific details include affected firmware and software versions relevant to these products, but the advisories do not specify particular Common Vulnerabilities and Exposures (CVE) identifiers or exploit conditions for each vulnerability.

The reported vulnerabilities in these advisories present risks to device integrity, confidentiality, or availability, as noted by CISA, but the exact operational impacts vary by product and issue. No additional consequences are outlined beyond the advisories' statements.

CISA confirms that fixes or updates addressing these vulnerabilities have been released or are in progress, depending on the product. The advisories emphasize the importance of applying these updates where available but do not specify alternative mitigations.

Users and system administrators are advised to read the respective advisories in full to understand the detailed vulnerability information and the corresponding remediation steps provided by manufacturers. CISA highlights the importance of reviewing this guidance to maintain secure ICS environments.