[Control systems] CISA ICS security advisories (AV26-637)
Serial number: AV26-637 Date: June 29, 2026 Between June 22 and 28, 2026, CISA published ICS advisories to address vulnerabilities in the following products: ABB Freelance Security Lock – all versions B&R Industrial Automation GmbH APROL – versions prior to APROL-AutoYaST-DVD- V4.4-010.10.260602 B&R Industrial Automation GmbH Linux for B&R – versions prior to 12 B&R Industrial Automation GmbH X20EDS410 – all versions Daktronics Controller Firmware VFC-DMP-5000 / DMP-8000 – multiple versions Delta Electronics DTMSoft – all versions EVoke Systems Charging Station Management System (CSMS) – all versions VIEW HV-500S6 IP Camera – versions prior to IPCAM_V4.06.88.251229 Horner Automation Cscape – versions prior to 10.2_SP3 Hubbell Aclara Metrum Cellular Web Interface – versions prior to v2.1.0.105 OHIF DICOM Web Viewer Framework – versions prior to v3.12.0 PowerLogic P7 – versions 0.2.003.001.000 and prior pydicom pynetdicom Library – version v1.0.0 to versions prior to v3.0.4 Schneider Electric PowerLogic P7 – multiple versions Siemens Products using OpenSSL – all versions Siemens SINEC INS – versions prior to 1.0.2.6 Siemens SIPROTEC 5 Using DIGSI5 Protocol – all versions Siemens WinCC Certificate Manager – all versions Yokogawa Collaborative Information Server (CI Server) – versions R1.01 to R1.04 Yokogawa FAST/TOOLS – versions R9.01 to R10.04 The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available. CISA ICS Advisories
CSIRTS triage
- What
- CISA published ICS advisories to address vulnerabilities in multiple control systems.
- Who is affected
- Users of various control systems are affected.
- Urgency
- Remediation is important to mitigate potential security risks, although specific severity is unknown.
- Action
- Users should review the advisories and apply the necessary updates.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-637
More from Canadian Centre for Cyber Security
- unknownBitWarden security advisory (AV26-683)2026-07-10
- criticalAL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 12026-07-10
- unknownMicrosoft Edge security advisory (AV26-682)2026-07-10
- criticalBroadcom VMware security advisory (AV26-681)2026-07-10
- unknownDjango security advisory (AV26-084) – Update 12026-07-09