CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

[Control systems] CISA ICS security advisories (AV26–655)

unknown
Serial number: AV26–655 Date: July 6, 2026 Between June 29 and July 5, 2026, CISA published ICS advisories to address vulnerabilities in the following products: CubeSpace CW0057 Reaction Wheel – CW0057 Reaction Wheel Delta Electronics DVP12SE PLC – all versions Frangoteam FUXA SCADA/HMI – versions 1.3.1 and prior Gardyn IoT Hub – versions prior to 2.12.2026 Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M – versions 1.000A to versions 1.014Q and prior OFFIS DCMTK Toolkit – versions 3.7.0 and prior Schneider Electric EasyLogic T150 and Saitel DP RTU – multiple versions Schneider Electric EcoStruxure IT Data Center Expert – versions 9.1.1 and prior, 9,12 ST Engineering iDirect iQ-Series Terminals – multiple versions StoneFly Storage Concentrator – multiple versions XZ Utils vulnerability impacting B&R Products – multiple versions The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations, and apply the necessary updates if available. CISA ICS Advisories

CSIRTS triage

What
CISA published advisories to address vulnerabilities in various ICS products.
Who is affected
Users and administrators of affected ICS products.
Urgency
Remediation is necessary, but the severity is unknown.
Action
Users should review the advisories and apply updates as needed.

AI-assisted analysis generated from the source advisory — verify against the original.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
unknown
Published
2026-07-06
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-655

More from Canadian Centre for Cyber Security