[Control systems] CISA ICS security advisories (AV26–655)

Serial number: AV26–655
Date: July 6, 2026

Between June 29 and July 5, 2026, CISA published ICS advisories to address vulnerabilities in the following products:

  • CubeSpace CW0057 Reaction Wheel – CW0057 Reaction Wheel
  • Delta Electronics DVP12SE PLC – all versions
  • Frangoteam FUXA SCADA/HMI – versions 1.3.1 and prior
  • Gardyn IoT Hub – versions prior to 2.12.2026
  • Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M – versions 1.000A to versions 1.014Q and prior
  • OFFIS DCMTK Toolkit – versions 3.7.0 and prior
  • Schneider Electric EasyLogic T150 and Saitel DP RTU – multiple versions
  • Schneider Electric EcoStruxure IT Data Center Expert – versions 9.1.1 and prior, 9,12
  • ST Engineering iDirect iQ-Series Terminals – multiple versions
  • StoneFly Storage Concentrator – multiple versions
  • XZ Utils vulnerability impacting B&R Products – multiple versions

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations, and apply the necessary updates if available.

Date modified: