(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – May 28, 2026
Created: Thursday, May 28, 2026 - 15:30
Categories: Cybersecurity, Federal & State Resources, OT-ICS Security
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
On May 28, 2026, CISA Released 11 Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- MacGregor Voyage Data Recorder (VDR) G4e
- Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
- ABB EIBPORT
- ABB Busch-Welcome 2 Wire Door Opener Actuator
- CP Plus 8 Ch. Network Video Recorder
- KMW CCTV Security Cameras
- Schnieider Electric EcoStruxure Machine Expert HVAC – Used in Water and Wastewater Systems and Energy
- XCharge C6
- Fourth Frontier Frontier X Mobile Application, Frontier X2
- Mitsubishi Electric Factory Automation Engineering Products (Update L)
- ABB Ability Zenon Remote Transport Vulnerability (Update A) – Used in Water and Wastewater Systems and Energy
On May 26, 2026, CISA Released Seven Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Eppendorf BioFlo 320
- ABB Terra AC – Used in Energy
- ABB AC500 V2 – Used in Water and Wastewater Systems and Energy
- ABB Ability Zenon Remote Transport Vulnerability (Update A) – Used in Water and Wastewater Systems and Energy
- ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) – Used in Water and Wastewater Systems and Energy
- ABB Ability Camera Connect – Used in Energy
- ABB LVS MConfig – Used in Water and Wastewater Systems and Energy
Additional Alerts, Updates, and Bulletins:
- Supply Chain Compromises Impact Nx Console and GitHub Repositories
- May 27 – CISA Adds Three Known Exploited Vulnerabilities to Catalog
- May 26 – CISA Adds One Known Exploited Vulnerability to Catalog
- May 22 – CISA Adds One Known Exploited Vulnerability to Catalog
- May 21 – CISA Adds Two Known Exploited Vulnerabilities to Catalog