ICS Security Week in Review — 14 July 2026
This week's advisory feeds produced 39 ICS security advisories across 20 vendors.
At a Glance
| | |
|---|---|
| Total advisories | 39 |
| Critical severity | 7 |
| High severity | 5 |
| Actively exploited (CISA KEV) | 1 |
| Vendors affected | 20 |
By source:
- BSI CERT-Bund (EU): 21
- CISA ICS-CERT: 17
- Siemens ProductCERT: 1
---
⚠️ Actively Exploited This Week
1 advisory this week involve CVEs on CISA's Known Exploited Vulnerabilities (KEV) catalog — meaning attackers are actively using them right now. These should be your highest priority.
---
Top Advisories This Week
#### 🔴 ICSA-26-190-01 — CVSS 9.9
OpenPLC v3
Affected: OpenPLC — CVE-2026-14480
#### 🔴 ICSA-25-135-01 — CVSS 9.8 ⚠️ ACTIVELY EXPLOITED
Siemens RUGGEDCOM APE1808 Devices
Affected: Siemens — CVE-2024-32122, CVE-2024-50562 +20 more
#### 🔴 ICSA-25-254-07 — CVSS 9.8
Siemens User Management Component (UMC)
Affected: Siemens — CVE-2025-40795, CVE-2025-40796 +2 more
#### 🔴 ICSA-26-188-01 — CVSS 9.8
Hydro-Québec Le Circuit Electrique charging station backend
Affected: Hydro-Québec — CVE-2026-20744, CVE-2026-42952 +1 more
#### 🔴 ICSA-26-188-05 — CVSS 9.8
Siemens SINEC OS
Affected: Siemens — CVE-2025-1352, CVE-2025-1376 +75 more
---
Most Active Vendors This Week
- Open Source — 12 advisories
- Siemens — 10 advisories
- Hitachi Energy — 2 advisories
- Schneider Electric — 2 advisories
- OpenPLC — 1 advisory
---
Don't Miss the Next One
OTWarden monitors CISA ICS-CERT, BSI CERT-Bund (EU), Siemens ProductCERT, and Rockwell Automation 24/7 and emails you within 2 hours when a new advisory matches your watchlist — filtered to your specific vendors and products.
Browse this week's full list at otwarden.com/top-advisories — no login needed.