Several industrial giants including Siemens, Schneider Electric, Phoenix Contact, and Aveva released Patch Tuesday advisories addressing critical and high-severity vulnerabilities in their ICS/OT products. These advisories highlight issues such as authorization bypass, privilege escalation, remote code execution, and command injection, emphasizing the importance of timely patching for industrial security. #Siemens #SchneiderElectric #PhoenixContact #Aveva
Keypoints
- Siemens disclosed critical authorization bypass flaws in Industrial Edge Devices.
- Schneider Electric reported privilege escalation and code execution vulnerabilities in EcoStruxure products.
- Phoenix Contact addressed high-severity command injection issues affecting industrial routers.
- Aveva published vulnerabilities in Process Optimization that allow remote code execution.
- Various third-party components used in these products also contain exploitable security flaws.