6 Advisories and 4 Updates Published – 2-5-26
Today CISA’s NCCIC-ICS published six control system security advisories for products from Hitachi Energy (2), Ilevia, o6 Automation, Mitsubishi, and TP-Link. They also updated advisories for products from KiloView, Multiple India-based Vendors, Hitachi Energy, and Mitsubishi.
Hitachi Energy Advisory #1
This advisory discusses the BlastRadius.Fail vulnerability in their FOX61x product. Hitachi Energy provides generic mitigation measures.
NCCIC-ICS reports that successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product.
NOTE: I briefly discussed the vulnerability on January 31st, 2026.
Hitachi Energy Advisory #2
This advisory discusses the BlastRadius.Fail vulnerability in their FOX61x product. Hitachi Energy provides generic mitigation measures.
NCCIC-ICS reports that successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product.
NOTE: I briefly discussed the vulnerability on January 31st, 2026.
Ilevia Advisory
This advisory describes nine vulnerabilities in the Ilevia EVE X1 Server. The vulnerabilities were reported to CISA by Gjoko Krstic of Zero Science Lab. Ilevia provides generic mitigation measures.
The nine reported vulnerabilities are:
Path traversal (3) - CVE-2025-34185 (exploit), CVE-2025-34517 (exploit), and CVE-2025-34518 (exploit),
OS command injection (4) - CVE-2025-34184 (exploit), CVE-2025-34186 (exploit), CVE-2025-34187 (exploit), and CVE-2025-34513 (exploit),
Insertion of sensitive information in log-files - CVE-2025-34183 (exploit), and
Cross-site scripting - CVE-2025-34512 (exploit).
NCCIC-ICS reports that successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary shell commands and could lead to the disclosure of sensitive system information.
NOTE: I briefly discussed each of the Zero Science reports.
o6 Automation Advisory
This advisory describes an out-of-bounds write vulnerability in their Open62541 OPC UA stack. The vulnerability was reported to CISA by Andrew Fasano of NIST CAISI. o6 Automation has a new version that mitigates the vulnerability.
NCCIC-ICS reports that successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption.
Mitsubishi Advisory
This advisory describes an improper validation of specified quantity in input vulnerability in the MELSEC iQ-R Series products. The vulnerability was self-reported. Mitsubishi has a new version that mitigates the vulnerability.
NCCIC-ICS reports that successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial-of-service condition on the affected product.
TP-Link Advisory
This advisory describes an improper authentication vulnerability in the TP-Link VIGI Series IP Cameras. The vulnerability was reported to CISA by Arko Dhar of Redinent Innovations. TP-Link has new firmware versions that mitigate the vulnerability.
NCCIC-ICS reports that successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras.
KiloView Update
This update provides additional information on the Encoder Series advisory that was originally published on January 29th, 2025. The new information includes reporting that the affected products are end-of-life.
NOTE: The original advisory was a “has not responded to requests to work with CISA” advisory.
India Based Update
This update provides additional information on the CCTV Cameras advisory that was originally published on December 9th, 2025. The new information includes adding response and mitigation from Securus as well as updating the affected products to include the Securus Purple Series.
NOTE: The original advisory was a “has not responded to requests to work with CISA” advisory.
Hitachi Energy Update
This update provides additional information on the Relion 670/650 advisory that was originally published on July 3rd, 2025, and most recently updated on January 22nd, 2026 (CISA advisory dates, not the Hitachi Energy dates listed in the ‘Revision History’). The new information includes updating fixed version 2.2.1.9.
NOTE: I briefly reported the updated information on February 1st, 2026.
Mitsubishi Update
This update provides additional information on the MELSOFT Update Manager advisory that was originally published on July 3rd, 2025, and most recently updated on January 20th, 2026. The new information includes correcting a misdescription.
NOTE 1: CVE-2025-0411, listed as a third-party vulnerability in this advisory, was listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog today (listed on February 6th, 2026?).
NOTE 2: There is no corresponding update of the Mitsubishi advisory.