π―Siemens found serious security problems in some of its products, like charging stations and SCALANCE devices, which could let bad guys take control. They're telling everyone to update their software right away to stay safe.
What Happened
On March 10, 2026, Siemens released a security advisory addressing vulnerabilities across numerous products. These vulnerabilities could potentially allow unauthorized access or control, posing risks to users and their operations. The affected products include various EV charging stations, Mendix applications, and several versions of the SIMATIC S7-1500, among others.
On April 14, 2026, Siemens expanded its advisory to include critical updates for additional products such as the Siemens Software Center, Simcenter 3D, Solid Edge SE2025, and the SCALANCE series. The advisory specifically mentions updates for the following products:
- Siemens Software Center β versions prior to V3.5.8.2
- Simcenter 3D β versions prior to V2506.6000
- Solid Edge SE2025 β versions prior to V225.0 Update 13
- RUGGEDCOM CROSSBOW Secure Access Manager β versions prior to V5.8
- SIPROTEC 5 devices β multiple versions and models
- SIMATIC IPC family β all versions
Additionally, the advisory highlights that users must update the Heliox Flex and Mobile DC charging stations to versions F4.11.1 and L4.10.1 respectively. Siemens is urging all users to take immediate action to protect their systems.
In a significant update, Siemens has also identified multiple vulnerabilities affecting the SCALANCE W-700 IEEE 802.11n family. These vulnerabilities, which include issues like improper authentication and injection flaws, affect devices running versions prior to V6.6.0. Users are strongly advised to upgrade to the latest version to mitigate these risks.
The advisory mentions specific vulnerabilities associated with the SCALANCE series, including CVE-2020-24588 and CVE-2022-31765, among others, which could lead to unauthorized access or control over critical infrastructure systems.
In a related note, Schneider Electric published advisories on April 14, 2026, addressing vulnerabilities in several of its products, including the Easergy MiCOM Px40 Series and Modicon Managed Switches. These vulnerabilities involve issues such as hard-coded credentials and third-party vulnerabilities, which could expose users to significant security risks. Schneider Electric is also urging users to apply necessary updates and review the provided mitigations to safeguard their systems.
Moreover, Dell has issued security advisories for vulnerabilities in multiple products, highlighting a broader trend of security concerns across various technology providers. Between April 6 and 12, 2026, Dell published advisories for products including Connectrix Switches, Data Protection Advisor, and Dell Networking OS10, urging users to apply updates to versions prior to specific release dates to mitigate risks similar to those identified in Siemens' and Schneider's advisories. For instance, Dell Networking OS10 users need to update to version 10.6.1.1 or later to ensure security.
Why Should You Care
If you use any of these Siemens, Schneider Electric, or Dell products, your systems could be at risk. Imagine leaving your front door unlocked; anyone could walk in and take what they want. Similarly, these vulnerabilities could allow hackers to exploit weaknesses in your systems, leading to data breaches or even operational failures.
Taking the time to update your software is like locking your door. Itβs a simple step that can save you from significant headaches later. Donβt wait until itβs too late; act now to secure your devices.
What's Being Done
Siemens is actively encouraging users and administrators to review the advisory and take action. Hereβs what you should do right now:
- Review the Siemens Security Advisory for detailed information.
- Apply the necessary updates to all affected products immediately.
- Follow the suggested mitigations provided in the advisory.
Similarly, Schneider Electric is urging users of their affected products to check their advisories and apply updates as necessary to protect against vulnerabilities. The Cyber Centre has recommended that users review the provided links and apply necessary updates to ensure their systems remain secure.
Dell also urges users of their affected products to check their advisories and apply updates as necessary to protect against vulnerabilities. Experts are closely monitoring the situation to see if any exploits emerge from these vulnerabilities. Stay alert and ensure your systems are updated. This highlights the importance of maintaining vigilance across all technology platforms to safeguard against potential threats.
With the increasing number of vulnerabilities reported, organizations must prioritize timely updates to their systems. The SCALANCE vulnerabilities, in particular, highlight the need for robust security measures in industrial control systems.
