NEW

Security news and analysis brought to you by the McCrary Institute

| READ MORE →

CISA flags critical ICS vulnerabilities in Siemens, Schneider Electric, ABB equipment affecting critical sectors

(Image by Michael Schwarzenberger from Pixabay)

By Anna Ribeiro • Apr 27, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released on Tuesday five ICS (industrial control systems) advisories, providing timely information about current security issues, vulnerabilities, and exploits surrounding critical hardware. The agency warned of security flaws in Siemens, Schneider Electric, and ABB hardware deployed across critical infrastructure installations.

In an advisory, CISA warned of the presence of an ‘Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)’ vulnerability in Siemens’ TeleControl Server Basic versions before V3.1.2.2, deployed globally across the energy, water and wastewater, and transportation sectors. “Successful exploitation of these vulnerabilities could allow an attacker to read and write to the application’s database, cause a denial-of-service condition, and execute code in an OS shell,” it added.

Read more at Industrial Cyber

Read More

Spain and Portugal hit by major power outage, halting trains and flights and wiping out traffic lights

News | Energy

Spain and Portugal hit by major power outage, halting trains and flights and wiping out traffic lights

CNN • Apr 28, 2025

Murder charges filed against suspect in ramming attack on Vancouver street festival that killed 11

News | Commercial

Murder charges filed against suspect in ramming attack on Vancouver street festival that killed 11

The Associated Press • Apr 27, 2025

Kubernetes pods are inheriting too many permissions

News

Kubernetes pods are inheriting too many permissions

Dark Reading • Apr 27, 2025

How the GCC is strengthening its cyber resilience in the digital age

News | Government

How the GCC is strengthening its cyber resilience in the digital age

World Economic Forum • Apr 27, 2025

Verizon's DBIR reveals 34% jump in vulnerability exploitation

News

Verizon's DBIR reveals 34% jump in vulnerability exploitation

Infosecurity Magazine • Apr 27, 2025

Attackers hit security device defects hard in 2024

News | Information Technology

Attackers hit security device defects hard in 2024

CyberScoop • Apr 27, 2025

News | Financial

Financial malware on the rise as espionage attacks decline

SC Media • Apr 27, 2025

News | Transportation

Energy | Transportation | Water

CISA flags critical ICS vulnerabilities in Siemens, Schneider Electric, ABB equipment affecting critical sectors

Industrial Cyber • Apr 27, 2025

News

Cisco confirms some products impacted by critical Erlang/OTP flaw

Security Week • Apr 27, 2025

News | Information Technology

ASUS releases fix for AMI bug that lets hackers brick servers

Bleeping Computer • Apr 27, 2025