As industrial and operational technology environments continue to converge with the Internet of Things, the security landscape grows ever more complex and critical. Today’s briefing highlights urgent vulnerabilities, patch releases, and emerging threats spanning ICS, IoT, and OT sectors, emphasizing the need for proactive risk management and swift remediation to protect vital infrastructure and connected devices.
ICS Patch Tuesday: Siemens, Schneider Electric, and Phoenix Contact Fix Critical Industrial Vulnerabilities
June’s ICS Patch Tuesday delivered essential security updates from Siemens, Schneider Electric, and Phoenix Contact addressing multiple critical vulnerabilities. Siemens patched authenticated command execution, privilege escalation, and DoS flaws, including an OpenSSL RCE (CVE-2025-15467); Schneider Electric fixed DoS, credential exposure, and information disclosure issues; and Phoenix Contact resolved an unauthenticated log download flaw in EV charging controllers.
Source: SecurityWeek
CISA Advisory: Hard-Coded Credentials in 30+ Siemens KACO Blueplanet Solar Inverter Models — No Fix Planned
CISA issued an advisory revealing critical vulnerabilities in over 30 Siemens KACO Blueplanet solar inverter models, including a hard-coded credential flaw and SQL injection vulnerability. With no firmware fix planned, operators of large-scale solar installations face ongoing risk, making network segmentation and compensating controls the only recommended mitigations while replacements are sought.
Source: CISA
Ivanti Sentry Hit with CVSS 10.0 RCE and Authentication Bypass Vulnerabilities
Ivanti disclosed two critical vulnerabilities in Ivanti Sentry, including a CVSS 10.0 OS command injection allowing unauthenticated root remote code execution and an authentication bypass enabling creation of admin accounts. Exploitation has been confirmed, and Ivanti has released patches; organizations must apply the updates immediately given the severity and active targeting of this widely used OT security platform.
Source: The Hacker News
Black Hat Asia 2026: IoT Devices Expose Cleartext Credentials Over the Open Internet — From Cat Feeders to Solar Farms
Research at Black Hat Asia 2026 uncovered alarming IoT security failures, including a smart pet feeder and an industrial solar farm management interface transmitting credentials in cleartext over unencrypted HTTP connections. The findings highlight the persistent risks posed by unsupported firmware and lack of TLS encryption, leaving IoT and OT devices vulnerable to credential theft and unauthorized access.
Source: Corelight
EU Cyber Resilience Act September 2026 Deadline: Less Than 100 Days for IoT/OT Manufacturers to Comply
With fewer than 100 days until the EU Cyber Resilience Act’s enforcement date, IoT and OT manufacturers face mounting pressure to comply with new reporting requirements for exploited vulnerabilities and security incidents. Industry experts warn that widespread gaps in software inventory and SBOM visibility threaten compliance readiness, potentially causing significant disruption across multiple sectors.
Source: IoT M2M Council
As these developments demonstrate, vigilance and timely action remain paramount in securing the rapidly evolving OT and IoT ecosystems. Stay informed, apply patches promptly, and implement robust security measures to safeguard critical infrastructure and connected devices against emerging threats.