Serial number: AV26-134
Date: February 17, 2026
Between February 9 and 15, 2026, CISA published ICS advisories to address vulnerabilities in the following products:
- AVEVA PI Data Archive PI Server – multiple versions
- AVEVA PI to CONNECT Agent – versions prior to v2.4.2520
- Airleader GmbH Airleader Master – version 6.381 and prior
- Hitachi Energy SuprOS – versions 9.2.1 and prior and 9.2.2.0
- Siemens COMOS V10.4 – versions prior to 10.4.5
- Siemens COMOS V10.4.5 – versions prior to 10.4.5.0.2
- Siemens COMOS V10.5 – versions prior to 10.5.2
- Siemens COMOS V10.6 – all versions
- Siemens Desigo CC family V6/V7 vers – all versions
- Siemens Desigo CC family V8 – versions prior to V8.0 QU2
- Siemens NX – versions prior to V2512
- Siemens Polarion V2404 – versions prior to 2404.5
- Siemens Polarion V2410 – versions prior to 2410.2
- Siemens SENTRON Powermanager V6/V7 vers – all versions
- Siemens SENTRON Powermanager V8 – versions prior to V8.0 QU2
- Siemens SINEC NMS – all versions (CVE-2026-25655)
- Siemens SINEC NMS – versions prior to V4.0 SP2 (CVE-2026-25656)
- Siemens SINEC OS – multiple versions and platforms
- Siemens Siveillance Video Management Servers – multiple versions and models
- Siemens Solid Edge – versions prior to V226.00 Update 03
- Yokogawa FAST/TOOLS – versions R9.01 to R10.04
- ZLAN Information Technology Co. ZLAN5143D – version v1.600
- ZOLL ePCR IOS Mobile Application – version 2.6.7
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.