CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

[Control systems] CISA ICS security advisories (AV26-637)

unknown
Serial number: AV26-637 Date: June 29, 2026 Between June 22 and 28, 2026, CISA published ICS advisories to address vulnerabilities in the following products: ABB Freelance Security Lock – all versions B&R Industrial Automation GmbH APROL – versions prior to APROL-AutoYaST-DVD- V4.4-010.10.260602 B&R Industrial Automation GmbH Linux for B&R – versions prior to 12 B&R Industrial Automation GmbH X20EDS410 – all versions Daktronics Controller Firmware VFC-DMP-5000 / DMP-8000 – multiple versions Delta Electronics DTMSoft – all versions EVoke Systems Charging Station Management System (CSMS) – all versions VIEW HV-500S6 IP Camera – versions prior to IPCAM_V4.06.88.251229 Horner Automation Cscape – versions prior to 10.2_SP3 Hubbell Aclara Metrum Cellular Web Interface – versions prior to v2.1.0.105 OHIF DICOM Web Viewer Framework – versions prior to v3.12.0 PowerLogic P7 – versions 0.2.003.001.000 and prior pydicom pynetdicom Library – version v1.0.0 to versions prior to v3.0.4 Schneider Electric PowerLogic P7 – multiple versions Siemens Products using OpenSSL – all versions Siemens SINEC INS – versions prior to 1.0.2.6 Siemens SIPROTEC 5 Using DIGSI5 Protocol – all versions Siemens WinCC Certificate Manager – all versions Yokogawa Collaborative Information Server (CI Server) – versions R1.01 to R1.04 Yokogawa FAST/TOOLS – versions R9.01 to R10.04 The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available. CISA ICS Advisories

CSIRTS triage

Other
What
CISA published ICS advisories to address vulnerabilities in multiple control systems.
Who is affected
Users of various control systems are affected.
Urgency
Remediation is important to mitigate potential security risks, although specific severity is unknown.
Action
Users should review the advisories and apply the necessary updates.

AI-assisted analysis generated from the source advisory — verify against the original.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
unknown
Published
2026-06-29
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-637

More from Canadian Centre for Cyber Security