Interested in #OT security? International partner agencies recently released 8 secure connectivity principles for #OT.

Read our blog to learn about the initial four principles and how runZero can help OT system owners implement the guidance and protect their environments.

🔗 Blog: https://www.runzero.com/blog/ot-connectivity-principles-part-2/

#OT #Advisory VDE-2026-030
MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow RCE, SQLi or information leakage.
#CVE CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

https://certvde.com/en/advisories/vde-2026-030/

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json

On this episode of the 🎙️ Nexus Podcast, Raphael Arakelian, the #OT/#IoT Cybersecurity Manager for Accenture, joins to discuss the inner workings of 📟 Operation Grim Beeper, a 2024 Israeli operation that used booby-trapped pagers and walkie talkies to injure or kill Hezbollah members.

Raphael studied the technical, #cybersecurity, and supply-chain risks involved in this operation, and shares how those lessons can be applied to operational technology.

🎧 Listen here: https://nexusconnect.io/podcasts/raphael-arakelian-on-operation-grim-beeper

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

I sick but I needed to test something and this was the fastest way to wire things up. I have sinned before God and man.

#ot #infosec

#OT #Advisory VDE-2026-021
WAGO: Multiple Vulnerabilities in WAGO VC Hub

The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission can upload images.
#CVE CVE-2026-25983, CVE-2026-25897, CVE-2026-25987, CVE-2026-25898, CVE-2026-25794, CVE-2026-28693, CVE-2026-25966, CVE-2026-30929, CVE-2026-28691, CVE-2026-26283, CVE-2026-26066, CVE-2026-25989, CVE-2026-25988, CVE-2026-25985, CVE-2026-25969, CVE-2026-25967, CVE-2026-25965, CVE-2026-25799, CVE-2026-25798, CVE-2026-25796, CVE-2026-25795, CVE-2026-24485, CVE-2026-24481, CVE-2026-28494, CVE-2026-30937, CVE-2026-30931, CVE-2026-28686, CVE-2026-28690, CVE-2026-28493, CVE-2026-28689, CVE-2026-30883, CVE-2026-31853, CVE-2026-30936, CVE-2026-28687, CVE-2026-28688, CVE-2026-26983, CVE-2026-25797, CVE-2026-25638, CVE-2026-25637, CVE-2026-24484, CVE-2026-25576, CVE-2026-28692, CVE-2026-30935, CVE-2026-27799, CVE-2026-27798

https://certvde.com/en/advisories/vde-2026-021/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-021.json

#OT #Advisory VDE-2026-010
WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere

Multiple vulnerabilities have been identified in WAGO Solution Builder and WAGO Device Sphere that affect components responsible for authentication and system communication.
#CVE CVE-2025-55315, CVE-2026-2328

https://certvde.com/en/advisories/vde-2026-010/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-010.json