ICS-vulnerability

The Credential Reckoning: Smart Office Security in the First Half of June 2026

In two weeks, CISA published three IoT advisories covering smart doorbells, cameras and a yard robot — every headline flaw a hardcoded or default credential. Acer shipped fixes for two CVSS 10.0 mesh-router zero-days, Cisco confirmed active exploitation of an SD-WAN Manager flaw, and a multi-agency advisory warned of attacks on internet-exposed fuel-tank gauges. All of it lands as the EU Cyber Resilience Act's 24-hour reporting clock counts down to September 11.

June 14, 2026

Smart Office Security Month in Review: The Eight Things That Defined May 2026

May 2026 produced a CVSS 10.0 Cisco firewall zero-day exploited by ransomware for weeks before disclosure, two active botnet campaigns against industrial routers, a dark web ICS malware toolkit, a critical telnet RCE in legacy OT devices, CISA advisories across five major vendors, a supply chain attack targeting AI developers, and joint government guidance explicitly prohibiting LLMs in safety-critical OT systems. Here is what the month meant for organizations running connected office environments.

May 29, 2026

CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

CVE-2026-20131 in Cisco Secure Firewall Management Center carries the maximum possible CVSS score of 10.0 and allows unauthenticated remote attackers to execute arbitrary Java code as root via an insecure deserialization flaw. The Interlock ransomware group was exploiting it as a zero-day from January 26, 2026 — more than a month before Cisco disclosed the vulnerability publicly — using memory-resident web shells, custom JavaScript and Java remote access trojans, and Active Directory certificate abuse to move through victim networks.

May 5, 2026

Smart Office Security Week in Review: The Seven Things That Mattered, April 22–28, 2026

This week produced a joint intelligence advisory on Chinese state-sponsored IoT device hijacking, a major Cisco wireless security report confirming that 85% of organizations are getting hit through wireless and IoT, critical vulnerabilities in Siemens industrial edge and building automation systems, a landmark workforce report linking skills gaps to real breaches, and a new NIST initiative on OT network visibility. Here is what it means for organizations running connected office environments.

April 29, 2026

The OT-ISAC Advisory and the Hidden ICS Vulnerabilities in Your Smart Building Infrastructure

A consolidated OT-ISAC advisory published in April 2026 documents critical flaws across industrial control and management systems including AVEVA supervisory platforms, Horner field controllers, Anviz access control hardware, and BASControl20 building automation systems. The advisory assigns a moderate exploitation risk within 30 to 90 days for exposed deployments — which describes a large share of smart building installations.

April 28, 2026

Siemens Industrial Edge Auth Bypass (CVE-2026-33892): What This ICS Vulnerability Means for Connected Offices and OT Networks

CISA released an advisory on April 21, 2026 disclosing a critical authentication bypass in Siemens Industrial Edge Management that allows unauthenticated remote attackers to access connected edge devices. The vulnerability affects organizations using Siemens industrial edge infrastructure for manufacturing, smart building management, and IT/OT convergence deployments.

April 25, 2026

🏷️ ICS-vulnerability