Skip to main content

Weekly Intelligence Brief on Encryption Standards and Security Vulnerabilities - Week of October 20, 2025

October 21, 2025

Key Takeaways

  • Siemens reported vulnerabilities in RUGGEDCOM devices.
  • CISA stopped updating Industrial Control Systems (ICS) advisories for Siemens products.
  • Virtru promoted Access Control Policy (ACP) 240 for secure data sharing among allied nations.
  • ACP 240 aligns with Zero Trust security principles.
  • Virtru continues partnerships to enhance data security.

Siemens has alerted users to vulnerabilities in its RUGGEDCOM Robot Operating System (ROS) devices, which could allow remote exploitation. These vulnerabilities involve the use of a broken cryptographic algorithm, improper handling of exceptional conditions, and failure in protection mechanisms. The affected products include multiple RUGGEDCOM models and versions, with a Common Vulnerability Scoring System (CVSS) score of up to 8.8.

As of January 10, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) announced it will no longer provide updates on advisories regarding Siemens' ICS vulnerabilities. Users are advised to refer directly to Siemens for the latest information.

Virtru has advocated for the adoption of Allied Communication Publication (ACP) 240 among Five Eyes and allied nations. This standard employs the Zero Trust Data Format (ZTDF) to ensure secure data sharing in military operations. Collaborative efforts are underway with defense partners to integrate robust data-centric protections within various operational environments.

Adoption of ACP 240 supports the Combined Joint All-Domain Command and Control (ADC2) initiative, enhancing operational efficiency among allied forces. Virtru remains active in promoting data security standards across its partnerships, facilitating compliance while securing sensitive data transfers in defense applications.

  1. Siemens alerts on RUGGEDCOM ROS device vulnerabilities
    CISA stops updating advisories on Siemens ICS vulnerabilities after January 10, 2023. Users must refer to Siemens for current info.
  2. Virtru promotes ACP 240 standard for allied nations
    The Zero Trust Data Format at the core of ACP 240 ensures secure data sharing, crucial for coalition military operations.

Related Perspectives