ICS Security Week in Review — 12 May 2026
This week's advisory feeds produced 38 ICS security advisories across 11 vendors.
At a Glance
| | |
|---|---|
| Total advisories | 38 |
| Critical severity | 1 |
| High severity | 7 |
| Actively exploited (CISA KEV) | 0 |
| Vendors affected | 11 |
By source:
- Siemens ProductCERT: 19
- CISA ICS-CERT: 12
- BSI CERT-Bund (EU): 7
---
Top Advisories This Week
#### 🔴 SIEMENS-SSA-085541 — CVSS 9.3
SSA-085541 V1.0: Missing Authentication in Critical Function in ActiveMQ Artemis (CVE-2026-27446) in Opcenter RDnL
Affected: Siemens — CVE-2026-27446
#### 🟠 ICSA-26-125-05 — CVSS 8.7
Johnson Controls CEM AC2000
Affected: Johnson Controls Inc. — CVE-2026-21661
#### 🟠 ICSA-24-319-16 — CVSS 8.6
Hitachi Energy MSM (Update A)
Affected: Hitachi Energy — CVE-2024-2398, CVE-2019-5097
#### 🟠 ICSA-24-331-03 — CVSS 8.1
Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs
Affected: Schneider Electric — CVE-2023-6408, CVE-2023-6409 +1 more
#### 🟠 ICSA-23-227-01 — CVSS 8.1
Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU (Update A)
Affected: Schneider Electric — CVE-2022-45789
---
Most Active Vendors This Week
- Siemens — 19 advisories
- Open Source — 5 advisories
- ABB — 3 advisories
- Hitachi Energy — 2 advisories
- Schneider Electric — 2 advisories
---
Don't Miss the Next One
OTWarden monitors CISA ICS-CERT, BSI CERT-Bund (EU), Siemens ProductCERT, and Rockwell Automation 24/7 and emails you within 2 hours when a new advisory matches your watchlist — filtered to your specific vendors and products.
Browse this week's full list at otwarden.com/top-advisories — no login needed.