Siemens CVSS 10.0 Flaw, Rockwell PLC DoS Patched in ICS Tuesday

Siemens, Rockwell, and Schneider Electric issued ICS Patch Tuesday advisories, including a CVSS 10.0 Opencenter X auth bypass and CompactLogix DoS flaws.
Table of Contents
    Add a header to begin generating the table of contents

    Siemens, Rockwell Automation, Schneider Electric, and other industrial control system vendors released security advisories as part of the monthly ICS Patch Tuesday cycle. The most severe finding is a CVSS 10.0 authentication bypass in Siemens Opencenter X that provides complete administrative access with no credentials required. Rockwell Automation published advisories covering critical denial-of-service vulnerabilities in CompactLogix and ControlLogix — the most widely deployed Rockwell programmable logic controllers in manufacturing and critical infrastructure. CISA published corresponding advisories for the ICS vulnerabilities.

    Siemens CVSS 10.0 Opencenter X Flaw and Other Critical ICS Advisories

    Siemens published nine advisories containing six critical vulnerabilities. The highest severity finding is in Opencenter X: a token invalidation flaw rated CVSS 10.0 that allows complete authentication bypass and full application access. Opencenter X is a Siemens industrial operations management platform used in building management, manufacturing, and process control environments. A CVSS 10.0 authentication bypass means an attacker with network access can gain full administrative control of the platform without presenting any credentials — the most severe possible classification under the scoring system.

    Siemens’ other critical advisories in this cycle cover multiple product lines. Critical vulnerabilities were patched in Mendix, Siemens’ low-code application development platform; Sidis Secured SmartPlug; Simatic S7-1500 PLC; Cadra; and Desigo CC, Siemens’ building management system. The vulnerability types across these products include code execution, denial-of-service, privilege escalation, and data exposure flaws — reflecting the breadth of attack surface across Siemens’ industrial and building automation portfolio.

    Rockwell CompactLogix and ControlLogix DoS Flaw and Its Major Fault Risk to PLCs

    Rockwell Automation published 12 advisories covering a total of two critical vulnerabilities and multiple high-severity issues. One critical finding covers the 1715 Redundant IO module: unauthenticated command-line interface access that enables unauthorized file operations and memory modification on the I/O module. In OT environments, redundant I/O modules control input and output signals for safety-critical systems where a single I/O failure needs a backup path — compromising the redundant module directly undermines the redundancy architecture that makes those systems reliable.

    The second critical set covers CompactLogix and ControlLogix controllers — the most widely deployed Rockwell programmable logic controllers across manufacturing, utilities, water treatment, and other critical infrastructure sectors. Three critical denial-of-service vulnerabilities were disclosed for these controller families, each capable of triggering a “major fault” condition on the affected PLC. A major fault in a CompactLogix or ControlLogix controller halts the program execution on the device, stopping the industrial process the controller manages. In a manufacturing setting, that means an unplanned production halt; in a critical infrastructure context such as water treatment or power distribution, it means interruption of the physical process the controller oversees.

    Schneider Electric IGSS and Cybersecurity Admin Expert Advisory Details

    Schneider Electric released two advisories in this ICS Patch Tuesday cycle. The first covers IGSS — the SCADA-based industrial monitoring system Schneider deploys in water, power, and industrial process monitoring applications. The IGSS advisory addresses an arbitrary code execution vulnerability triggered by malicious files. An attacker who can deliver a crafted file to an IGSS operator workstation can use the vulnerability to execute code on the monitoring system.

    The second Schneider advisory covers EcoStruxure Cybersecurity Admin Expert — Schneider’s dedicated cybersecurity management product for OT environments. The flaw is a local authentication bypass, meaning an attacker with physical or local system access to a machine running EcoStruxure CAE can bypass the authentication controls intended to restrict access to the cybersecurity management interface.

    Additional Advisories and CISA Coverage

    Beyond Siemens, Rockwell, and Schneider, advisories were published by ABB, Mitsubishi Electric, Murrelektronik, Mettler Toledo, Codesys, and Wago through VDE CERT and vendor channels. CISA published corresponding advisories for the ICS vulnerabilities disclosed in this cycle.

    The ICS Patch Tuesday cadence — synchronized with Microsoft’s monthly Patch Tuesday — has become the primary mechanism through which industrial vendors batch security fixes for their operational technology products. For organizations running CompactLogix or ControlLogix controllers in critical infrastructure environments, the three DoS vulnerabilities causing major fault conditions represent the most operationally disruptive risk in this cycle: these are not data exposure flaws but vulnerabilities that can halt physical process control.

    Related Posts