
ICS Patch Tuesday: Rockwell Automation Leads With 8 Security Advisories

Advisories have also been published by Siemens, Schneider Electric, Phoenix Contact and CISA. The post ICS Patch Tuesday: Rockwell Automation Leads With 8 Security Advisories appeared first on SecurityWeek.

Several industrial control systems (ICS) giants have published new security advisories this Patch Tuesday, including Rockwell Automation, Siemens, Schneider Electric, and Phoenix Contact.

Rockwell Automation published the highest number of new advisories this Patch Tuesday. The company released eight new advisories, all of them covering high-severity vulnerabilities found recently in the company’s products.

Rockwell fixed a sensitive data exposure issue in FactoryTalk Analytics LogixAI, and DoS and code execution issues in ControlLogix controllers. It also addressed a remote code execution vulnerability in Stratix (Cisco) devices, a memory corruption issue in 1783-NATR, an SSRF issue in Automation ThinManager, a remote code execution flaw in FactoryTalk Optix, and a data exposure issue in FactoryTalk Activation Manager.

Siemens has published seven new advisories. With a CVSS score of 9.3, one of the most serious issues impacts Simatic Virtualization as a Service and allows an attacker to access or alter sensitive data.

Another vulnerability with a ‘critical’ severity rating impacts Siemens’ User Management Component (UMC) and it can be exploited for unauthenticated remote code execution or DoS attacks.

Siemens also addressed high-severity issues in Simotion and Industrial Edge Management products. Advisories covering medium- and low-severity flaws have been published for Sinamics, Apogee PXC and Talon TC, and Sinec OS products.

Schneider Electric published only two new advisories this Patch Tuesday. One of them covers two medium-severity OS command injection issues in Saitel DR & Saitel DP RTU products. The second advisory informs customers about an XSS flaw in Altivar products.

Phoenix Contact has published two new advisories: one for two vulnerabilities in the Jq JSON processor used by FL Mguard, and one for a vulnerability introduced by the use of Wibu’s CodeMeter Runtime.

Honeywell has published several advisories for building management products, including Maxpro and Pro-Watch NVR and VMS products. 

CISA has published nine new and five updated advisories. Of the new advisories, the vast majority cover the Rockwell Automation product vulnerabilities.

One CISA advisory informs organizations about ABB product vulnerabilities. The vendor published its own advisory for the flaws, which impact its Aspect building management system, earlier this month. The issues were reported to ABB by researcher Gjoko Krstic, who in January claimed to have found over 1,000 vulnerabilities in ABB products.

Germany’s CERT@VDE agency published seven new advisories this week, including for a critical Wago controller vulnerability that can be exploited without authentication for DoS attacks and to weaken credentials, resulting in default credentials being applied to the device. 

CERT@VDE’s advisories also cover two other Wago product vulnerabilities, two Bender Charge Controller issues, and the recently disclosed Phoenix Contact flaws. 
