Serial number: AV26–036
Date: January 19, 2026
Between January 12 and 18, 2026, CISA published ICS advisories to address vulnerabilities in the following products:
- AVEVA Process Optimization – versions prior to 2024.1
- Festo Firmware – multiple applications and all versions
- Rockwell Automation 432ES-IG3 Series A – version V1.001
- Rockwell Automation FactoryTalk DataMosaix Private Cloud – version 7.11
- Rockwell Automation FactoryTalk DataMosaix Private Cloud – version 8.00
- Rockwell Automation FactoryTalk DataMosaix Private Cloud – version 8.01
- Schneider Electric EcoStruxure Power Build Rapsody – multiple versions and models
- Siemens Industrial Edge Device Kit – multiple versions
- Siemens Industrial Edge Devices – multiple versions and models
- Siemens RUGGEDCOM APE1808 Devices – contact customer support to receive patch and update information
- Siemens RUGGEDCOM ROS – versions prior to V5.10.1
- Siemens SIMATIC and SIPLUS – multiple versions and models
- Siemens SINEC Security Monitor – version prior to V4.10.0
- Siemens TeleControl Server Basic – versions prior to V3.1.2.4
- YoSmart YoLink Mobile Appication – version v1.40.45
- YoSmart YoLink Smart Hub – version 0382
- YoSmart server – all versions
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.