Patch Tuesday Panic! Major Security Flaws Unveiled by Siemens, Rockwell & More
Siemens, Rockwell Automation, Schneider Electric, and Phoenix Contact have issued Patch Tuesday advisories for ICS/OT product vulnerabilities. Siemens alone offers 14 new advisories, with some dubbed ‘critical.’ Meanwhile, Schneider Electric addresses a WSUS vulnerability, and Rockwell Automation tackles SQL injection woes. Phoenix Contact isn’t left out, with multiple vulnerabilities in its FL SWITCH series.
Hot Take:
Patch Tuesday is like Christmas for cybersecurity nerds—except instead of presents, you get a list of vulnerabilities that make you question if your industrial systems are secretly plotting against you. Siemens, Rockwell Automation, Schneider Electric, and Phoenix Contact just dropped a treasure trove of advisories. It’s almost like they’re saying, “Happy holidays, now go patch like your systems depend on it!”
Key Points:
- Siemens has issued 14 advisories, with three rated ‘critical’ and several others rated ‘high’ or ‘medium’.
- Schneider Electric’s advisories cover vulnerabilities in EcoStruxure Foxboro DCS, including a WSUS issue.
- Rockwell Automation warns of high-severity DoS and SQL injection threats in specific products.
- Phoenix Contact’s advisory details multiple vulnerabilities in their FL SWITCH 2xxx series switches.
- CISA jumps in with advisories on vulnerabilities affecting CCTV cameras in India, Festo LX Appliance, and U-Boot.