ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Rockwell
Industrial giants Siemens, Schneider Electric, and Rockwell Automation have published July 2026 Patch Tuesday advisories to inform customers about vulnerabilities found in their ICS products.
Siemens published nine new advisories, including six that cover critical vulnerabilities (based on CVSS score). A CVSS score of 10 has been assigned to a token invalidation vulnerability in Opencenter X that allows an attacker to bypass authentication and gain full access to the application.
Critical vulnerabilities have also been patched or mitigated by Siemens in Mendix, Sidis Secured SmartPlug, Simatic S7-1500, Cadra, and Desigo CC. The security holes, many of which affect third-party components, can be exploited to launch DoS attacks, execute code, obtain sensitive data, and escalate privileges.
SecurityWeek ICS Cybersecurity Conference Heads to Nashville for Special 25-Year Anniversary Edition
Siemens addressed high-severity vulnerabilities in Simatic S7-PLCSIM, Ruggedcom APE1808, Comos, Designcenter, Simcenter, Solid Edge, and Tecnomatrix products.
Schneider Electric has released two new advisories. One of them addresses a high-severity vulnerability in the IGSS (Interactive Graphical SCADA System) product. An attacker can use specially crafted files to execute arbitrary code.
The second advisory describes a high-severity authentication bypass flaw in EcoStruxure Cybersecurity Admin Expert that can be exploited by a local attacker to compromise managed devices.
Rockwell Automation published 12 new advisories on Tuesday, including two covering critical vulnerabilities.
A critical vulnerability in the 1715 Redundant IO product can allow an unauthenticated attacker to access intrusive CLI commands, enabling them to read or delete files, stop tasks, change IO states, and modify memory.
Three critical DoS security holes that can be exploited to cause a major non-recoverable fault have been patched by Rockwell in its CompactLogix, ControlLogix, Compact GuardLogix, and GuardLogix controllers.
Rockwell patched high-severity vulnerabilities in Flex 5000 Adapter, FactoryTalk DataMosaix, FactoryTalk Services Platform, Arena, ThinManager, Studio 5000 Logix Designer, 1756-EN, 1734 POINT I/O, and 1719-AENTR products.
ABB and Mitsubishi Electric have not published any new advisories this Patch Tuesday, but they have informed customers of new flaws over the past month, including critical and high-severity issues.
Three ABB advisories and one Rockwell advisory were also distributed by the cybersecurity agency CISA on Tuesday.
Germany’s VDE CERT has published five new advisories covering vulnerabilities in Murrelektronik, Mettler Toledo, Codesys, and Wago products.
Related: ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact
Related: ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories