[Control systems] CISA ICS security advisories (AV26–687)

Serial number: AV26–687
Date: July 13, 2026

Between July 6 and 12, 2026, CISA published ICS advisories to address vulnerabilities in the following products:

  • Digi International PortServer TS – multiple versions
  • Digi One SP IA – multiple versions
  • Hydro-Québec Le Circuit Electrique charging station backend – versions prior to June_2026
  • Hitachi Energy e-mesh EMS – versions 4.1.6, 4.4.2 and 4.7.0
  • Hitachi Energy PROMOD V – versions 1.0.10 and prior
  • Labcenter Proteus 9 – version Proteus 9.1_SP4_Build_42914
  • OpenPLC v3 – version OpenPLC v3
  • Schneider Electric Easergy MiCOM Px40 Series – multiple versions
  • Schneider Electric PowerChute Serial Shutdown – versions 1.4 and prior
  • Siemens Mendix Studio Pro – multiple versions
  • Siemens SINEC OS – version RUGGEDCOM RST2428P (6GK6242-6PA00) – versions prior to 4.0

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations, and apply the necessary updates if available.

Date modified: