CyberComplianceAI
InicioNoticiasIntel Center
Marketplace
CyberForoPrecios
AccederPro
The Pulse · Live Intelligence Feed

Intel Center

Una señal es cualquier evento operacional detectado en las últimas 24h–30d: CVEs en KEV explotados activamente, advisories de vendor, exposición cloud, ransomware y avisos regulatorios. Cada señal se prioriza por severidad, freshness y match con tu Digital Twin.

Para análisis editorial y noticias generales visita Noticias.

Consola en vivo · last 24h
Señales (ventana)568
Última detecciónhace 7 h
Monitorizado porintelligence scouter
506signals
Acción Requerida
4signals
Explotados & KEV
13signals
Vulns Críticas
Advisories de Vendor

Sin nuevos advisories PSIRT de vendor en la ventana.

También en el Intel CenterCloud & Identity38Monitor10

Intel Center Basic

Vista resumida de señales operativas

Discover muestra una cola corta de señales recientes para exploración. Los planes Pro desbloquean el catálogo KEV completo, más histórico, contexto por Digital Twin y priorización ampliada.

Ver planes ProCrear cuenta
Ventana24h7d30d7d / 30d solo en ProSeveridadCríticaAltaLimpiar filtros

Priority Command Strip

What your team should look at right now

6 señales críticas
  1. Action RequiredImmediate7h

    BlueHammer Vulnerability Exploited in Ransomware Attacks

    Explotación activa confirmada. Riesgo material para entornos expuestos.

    SecurityWeek · MicrosoftReview signal
  2. Action RequiredImmediate
All568Action Required506Exploited & KEV4Critical Vulns13Cloud & Identity38Monitor10

Discover muestra 8 señales operativas recientes. Sube a Consultant Pro o Professional Pro para abrir el feed completo, histórico ampliado y el catálogo KEV.

Critical VulnsMEDIAAltoNEWNIS2CRAGDPRInteligencia operacional

Delta Electronics DVP12SE PLC

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to remotely issue commands, modify operational values, interfere with control logic, and alter device behavior without authentication or privilege enforcement. The following versions of Delta Electronics DVP12SE PLC are affected: DVP12SE PLC vers:all/* (CVE-2026-12819, CVE-2026-12818) CVSS Vendor Equipment Vulnerabilities v3 9.8 Delta Electronics Delta Electronics DVP12SE PLC Missing Authentication for Critical Function, Allocation of Resources Without Limits or Throttling Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Taiwan Vulnerabilities Expand All + CVE-2026-12819 The Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions. The device accepts Modbus commands from any reachable network source without requiring credentials, privilege validation, or operator approval, allowing unauthorized read and write access to coils, holding registers, operational memory, relay states, and process control functions. View CVE Details Affected Products Delta Electronics DVP12SE PLC Vendor: Delta Electronics Product Version: Delta Electronics DVP12SE PLC: vers:all/* Product Status: known_affected Remediations Mitigation Delta Electronics is aware of these vulnerabilities and is currently working on a fix. Mitigation Delta Electronics recommends users apply the following workarounds: Mitigation Enable the IP Filter feature: Configure and enable the PLC's built-in IP Filter function via the programming software. Restrict access exclusively to the IP addresses of trusted devices (such as designated HMI panels or SCADA hosts) to block unauthorized network access.Set up PLC password protection: Enable password protection for the PLC within the programming software to e CVEs: CVE-2026-12819, CVE-2026-12818. Vendors: Delta Electronics Product Version: Delta Electronics DVP12SE PLC: vers:all/* Product Status: known_affected Remediations Mitigation Delta Electronics is aware of these vulnerabilities and is currently working on a fix. DORA relevance: medium.

Filtered for operational relevance. Powered by a curated catalog of vulnerability, CERT, vendor and threat-intelligence sources.View methodology →

CyberCompliance Pro

¿Quieres esto priorizado para tu rol cada mañana?

El Morning Brief Pro filtra estas señales por tu rol (CISO, SecOps, risk), sector y framework prioritario, y las convierte en acciones recomendadas listas a las 7:00.

Probar Morning Brief Pro →Ver precio

¿Aún no quieres Pro? Recibe el resumen de cumplimiento gratis cada semana.

10h

Aikido Security acquires Root to expand backported fixes for open source vulnerabilities

Explotación activa confirmada. Riesgo material para entornos expuestos.

Help Net Security · Microsoft · AWSReview signal
  • Action RequiredImmediate12h

    Critical SimpleHelp Vulnerability Exploited for Malware Delivery

    Explotación activa confirmada. Riesgo material para entornos expuestos.

    SecurityWeek · MicrosoftReview signal
  • Action RequiredImmediate12h

    Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

    Explotación activa confirmada. Riesgo material para entornos expuestos.

    SecurityWeek · MicrosoftReview signal
  • Action RequiredImmediate12h

    CISA: Windows BlueHammer flaw now exploited by ransomware gangs

    Explotación activa confirmada. Riesgo material para entornos expuestos.

    BleepingComputer · MicrosoftReview signal
  • Action RequiredImmediate13h

    SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)

    Explotación activa confirmada. Riesgo material para entornos expuestos.

    Help Net Security · Microsoft · GoogleReview signal
  • Por qué importa

    CVE de alto impacto sobre Delta Electronics Product Version: Delta Electronics DVP12SE PLC: vers:all/* Product Status: known_affected Remediations Mitigation Delta Electronics is aware of these vulnerabilities and is currently working on a fix. Planificar ventana de parche.

    Acción recomendada

    Check exposure to CVE-2026-12819, CVE-2026-12818 in asset inventory and vulnerability tooling.

    Vendors:Delta Electronics Product Version: Delta Electronics DVP12SE PLC: vers:all/* Product Status: known_affected Remediations Mitigation Delta Electronics is aware of these vulnerabilities and is currently working on a fixCISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2026-12819
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWNIS2CRAGDPRInteligencia operacional

    XZ Utils vulnerability impacting B&R Products

    View CSAF Summary An update is available that resolves vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the product to stop or corrupt memory data. The following versions of XZ Utils vulnerability impacting B&R Products are affected: PPC3100 <1.8.1, 1.8.1 (CVE-2025-31115) C50 <1.8.0, 1.8.0 (CVE-2025-31115) C80 <1.8.0, 1.8.0 (CVE-2025-31115) FT50 <1.8.1, 1.8.1 (CVE-2025-31115) MT50 <1.8.1, 1.8.1 (CVE-2025-31115) T30 <1.8.0, 1.8.0 (CVE-2025-31115) T80 <1.8.0, 1.8.0 (CVE-2025-31115) T50 <1.8.1, 1.8.1 (CVE-2025-31115) CVSS Vendor Equipment Vulnerabilities v3 7.5 B&R Industrial Automation GmbH XZ Utils vulnerability impacting B&R Products Race Condition within a Thread Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Switzerland Vulnerabilities Expand All + CVE-2025-31115 XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on the null pointer plus an offset. Applications and libraries that use the lzma_stream_decoder_mt function are affected. The bug has been fixed in XZ Utils 5.8.1, and the fix has been committed to the v5.4, v5.6, v5.8, and master branches in the xz Git repository. No new release packages will be made from the old stable branches, but a standalone patch is available that applies to all affected releases. View CVE Details Affected Products XZ Utils vulnerability impacting B&R Products Vendor: B&R Industrial Automation GmbH Product Version: B&R Industrial Automation GmbH PPC3100 <1.8.1, B&R Industrial Automation GmbH C50 <1.8.0, B&R Industrial Automation GmbH C80 <1.8.0, B&R Industrial Automation GmbH FT50 <1.8.1, B&R Industrial Automation G CVEs: CVE-2025-31115. Vendors: B&R Industrial Automation GmbH Product Version: B&R Industrial Automation GmbH PPC3100 <1. DORA relevance: medium.

    Por qué importa

    CVE de alto impacto sobre B&R Industrial Automation GmbH Product Version: B&R Industrial Automation GmbH PPC3100 <1. Planificar ventana de parche.

    Acción recomendada

    Check exposure to CVE-2025-31115 in asset inventory and vulnerability tooling.

    Vendors:B&R Industrial Automation GmbH Product Version: B&R Industrial Automation GmbH PPC3100 <1CISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2025-31115
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWNIS2CRAGDPRInteligencia operacional

    StoneFly Storage Concentrator

    View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to gain broad unauthorized access, execute arbitrary commands with root privileges, steal sensitive data, and perform actions on behalf of legitimate users across interconnected systems. The following versions of StoneFly Storage Concentrator are affected: Storage Concentrator <8.0.4.22 (CVE-2026-56415, CVE-2026-55721, CVE-2026-50040) Storage Concentrator Virtual Machine <8.0.4.22 (CVE-2026-56415, CVE-2026-55721, CVE-2026-50040) Storage Concentrator <8.0.4.26 (CVE-2026-50110) Storage Concentrator Virtual Machine <8.0.4.26 (CVE-2026-50110) Storage Concentrator <8.0.4.29 (CVE-2026-56413) Storage Concentrator Virtual Machine <8.0.4.29 (CVE-2026-56413) CVSS Vendor Equipment Vulnerabilities v3 10 StoneFly StoneFly Storage Concentrator Use of Hard-coded Credentials, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Background Critical Infrastructure Sectors: Defense Industrial Base, Energy, Financial Services, Healthcare and Public Health, Information Technology Countries/Areas Deployed: Worldwide Company Headquarters Location: United States Vulnerabilities Expand All + CVE-2026-50110 Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services, including database accounts, licensing, replication services, and third-party integrations, meaning successful exploitation of this vulnerability could provide an attacker with unauthorized access to multiple interconnected systems. View CVE Details Affected Products StoneFly Storage Concentrator Vendor: CVEs: CVE-2026-56415, CVE-2026-55721, CVE-2026-50040, CVE-2026-50110, CVE-2026-56413. DORA relevance: medium.

    Por qué importa

    CVE crítica/alta con vector técnico relevante.

    Acción recomendada

    Check exposure to CVE-2026-56415, CVE-2026-55721, CVE-2026-50040 in asset inventory and vulnerability tooling.

    CISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2026-56415
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWNIS2CRAGDPRInteligencia operacional

    Schneider Electric EcoStruxure IT Data Center Expert

    View CSAF Summary Schneider Electric is aware of a vulnerability in its EcoStruxure™ IT Data Center Expert. The EcoStruxure™ IT Data Center Expert product is a scalable monitoring software that collects, organizes, and distributes critical device information providing a comprehensive view of equipment. Failure to apply the remediation provided below may risk information disclosure. The following versions of Schneider Electric EcoStruxure IT Data Center Expert are affected: EcoStruxure IT Data Center Expert vers:intdot/<=9.1.1, 9.1.2 (CVE-2026-8045) CVSS Vendor Equipment Vulnerabilities v3 6.5 Schneider Electric Schneider Electric EcoStruxure IT Data Center Expert Improper Restriction of XML External Entity Reference Background Critical Infrastructure Sectors: Information Technology, Critical Manufacturing, Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: France Vulnerabilities Expand All + CVE-2026-8045 CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints View CVE Details Affected Products Schneider Electric EcoStruxure IT Data Center Expert Vendor: Schneider Electric Product Version: EcoStruxure IT Data Center Expert (Formerly known as StruxureWare Data Center Expert) Version 9.1.1 and Prior Product Status: fixed, known_affected Remediations Vendor fix v9.1.2 of EcoStruxure™ IT Data Center Expert includes a fix for this vulnerability and is available for download here: https://www.se.com/en/product-range/61851-ecostruxure-it-data- center-expert/#software-and-firmware https://www.se.com/ww/en/product-country-selector/?pageType=product-range&sourceId=61851#software-and-firmware Relevant CWE: CWE-611 Improper Restriction of XML External Entity Reference Metrics CVSS Version Base Score Base Severity Vector String 3.1 6.5 MEDIUM CVSS:3.1/ CVEs: CVE-2026-8045. Vendors: Schneider Electric Product Version: EcoStruxure IT Data Center Expert (Formerly known as StruxureWare Data Center Expert) Version 9, Microsoft. DORA relevance: medium.

    Por qué importa

    CVE de alto impacto sobre Schneider Electric Product Version: EcoStruxure IT Data Center Expert (Formerly known as StruxureWare Data Center Expert) Version 9 / Microsoft. Planificar ventana de parche.

    Acción recomendada

    Check exposure to CVE-2026-8045 in asset inventory and vulnerability tooling.

    Vendors:Schneider Electric Product Version: EcoStruxure IT Data Center Expert (Formerly known as StruxureWare Data Center Expert) Version 9MicrosoftCISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2026-8045
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWNIS2CRAInteligencia operacional

    Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M

    View CSAF Summary Successful exploitation of these vulnerabilities could allow a local attacker to tamper with or destroy information in the affected product, cause a denial-of-service condition in the affected product, or execute arbitrary code when a specially crafted archive file is decompressed by the 7-Zip component included in MELSOFT Update Manager. The following versions of Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M are affected: MELSOFT Update Manager SW1DND-UDM-M >=1.000A|<=1.014Q (CVE-2025-53816, CVE-2025-53817, CVE-2025-55188, CVE-2025-11001) CVSS Vendor Equipment Vulnerabilities v3 8.8 Mitsubishi Electric Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M Heap-based Buffer Overflow, NULL Pointer Dereference, Improper Link Resolution Before File Access ('Link Following'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Japan Vulnerabilities Expand All + CVE-2025-53816 A heap-based buffer overflow vulnerability exists in the 7-Zip component included in MELSOFT Update Manager SW1DND-UDM-M. This vulnerability could allow a local attacker to trigger a buffer overflow that may cause the affected product to enter a denial-of-service condition by convincing a legitimate user to decompress a specially crafted archive file using the affected product. View CVE Details Affected Products Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M Vendor: Mitsubishi Electric Product Version: Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M: >=1.000A|<=1.014Q Product Status: known_affected Remediations Mitigation Mitsubishi Electric has identified the following specific workarounds and mitigations users can apply to reduce risk: Vendor fix Mitsubishi Electric is releasing fixed version 1.015R or later for MELSOFT Update Manager SW1DND-UDM-M. Please download the update file for the fixe CVEs: CVE-2025-53816, CVE-2025-53817, CVE-2025-55188, CVE-2025-11001. Vendors: Mitsubishi Electric Product Version: Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M: >=1. DORA relevance: medium.

    Por qué importa

    CVE de alto impacto sobre Mitsubishi Electric Product Version: Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M: >=1. Planificar ventana de parche.

    Acción recomendada

    Check exposure to CVE-2025-53816, CVE-2025-53817, CVE-2025-55188 in asset inventory and vulnerability tooling.

    Vendors:Mitsubishi Electric Product Version: Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M: >=1CISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2025-53816
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWNIS2CRAGDPRInteligencia operacional

    OFFIS DCMTK Toolkit

    View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to write files, access unauthorized information, exhaust memory, or crash affected DCMTK client or server processes. The following versions of OFFIS DCMTK Toolkit are affected: DCMTK <=3.7.0 (CVE-2026-50003, CVE-2026-50254, CVE-2026-35505, CVE-2026-52868, CVE-2026-44628) CVSS Vendor Equipment Vulnerabilities v3 9.8 OFFIS OFFIS DCMTK Toolkit Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing Release of Memory after Effective Lifetime, Access of Resource Using Incompatible Type ('Type Confusion') Background Critical Infrastructure Sectors: Healthcare and Public Health Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany Vulnerabilities Expand All + CVE-2026-50003 A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths. View CVE Details Affected Products OFFIS DCMTK Toolkit Vendor: OFFIS Product Version: OFFIS DCMTK: <=3.7.0 Product Status: known_affected Remediations Mitigation The maintainer was notified of these vulnerabilities and has provided a fix. The fix is included in the latest commits and can be obtained in the following snapshot: Vendor fix https://github.com/DCMTK/dcmtk/releases/tag/latest. https://github.com/DCMTK/dcmtk/releases/tag/latest Mitigation Users are recommended to download the latest GitHub release once it becomes available. Relevant CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Metrics CVSS Version Base Score Base Severity Vector String 3.1 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 4.0 9.3 CRITICAL CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-50254 An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp CVEs: CVE-2026-50003, CVE-2026-50254, CVE-2026-35505, CVE-2026-52868, CVE-2026-44628. Vendors: OFFIS Product Version: OFFIS DCMTK: <=3.

    Por qué importa

    CVE de alto impacto sobre OFFIS Product Version: OFFIS DCMTK: <=3. Planificar ventana de parche.

    Acción recomendada

    Check exposure to CVE-2026-50003, CVE-2026-50254, CVE-2026-35505 in asset inventory and vulnerability tooling.

    Vendors:OFFIS Product Version: OFFIS DCMTK: <=3CISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2026-50003
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWNIS2CRAGDPRInteligencia operacional

    Schneider Electric EasyLogic T150 and Saitel DP RTU

    View CSAF Summary Successful exploitation of these vulnerabilities can allow an attacker to cause unauthorized access and exposure of sensitive information when the unauthenticated attacker accesses credentials stored within firmware or system files. The following versions of Schneider Electric EasyLogic T150 and Saitel DP RTU are affected: EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller <=11.06.30 (CVE-2026-9650) EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller <=11.06.31 (CVE-2026-9651) Saitel DP Remote Terminal Unit & Controller <=11.06.35 (CVE-2026-9650) Saitel DP Remote Terminal Unit & Controller <=11.06.37 (CVE-2026-9651) CVSS Vendor Equipment Vulnerabilities v3 7.5 Schneider Electric Schneider Electric EasyLogic T150 and Saitel DP RTU Insufficiently Protected Credentials, Incorrect Permission Assignment for Critical Resource Background Critical Infrastructure Sectors: Critical Manufacturing, Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: France Vulnerabilities Expand All + CVE-2026-9650 CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files.With this credential an attacker could subsequently compromise the device if they have physical access to the device. View CVE Details Affected Products Schneider Electric EasyLogic T150 and Saitel DP RTU Vendor: Schneider Electric Product Version: Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: <=11.06.30, Schneider Electric Saitel DP Remote Terminal Unit & Controller: <=11.06.35 Product Status: known_affected Remediations Vendor fix Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk: (CVE-2026-9650) EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller Firmware (<=1 CVEs: CVE-2026-9650, CVE-2026-9651. Vendors: Schneider Electric Product Version: Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: <=11. DORA relevance: medium.

    Por qué importa

    CVE de alto impacto sobre Schneider Electric Product Version: Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: <=11. Planificar ventana de parche.

    Acción recomendada

    Check exposure to CVE-2026-9650, CVE-2026-9651 in asset inventory and vulnerability tooling.

    Vendors:Schneider Electric Product Version: Schneider Electric EasyLogic T150 (formerly Saitel DR) Remote Terminal Unit & Controller: <=11CISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 12:00
    Actualizado
    30 jun 2026, 17:00
    Detectado
    30 jun 2026, 17:00
    Fuente
    CISA All Alerts
    Referencia técnica
    NVD · CVE-2026-9650
    CISA All Alerts
    Prioridad · 59/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · CISA All Alerts authority (+12) · updated <24h (+5 cap)
    hace 8 horas
    Critical VulnsMEDIAAltoNEWDORAGDPRInteligencia operacional

    EBA E-mail alert 30 June, 2026

    EBA E-mail alert 30 June, 2026 Date 30/06/2026 Anonymous (not verified) Tue, 06/30/2026 - 17:00 News & Press EU deposit guarantee scheme funds to protect depositors against bank failures continue to grow and have reached a volume of €85bn, the EBA observes DORA relevance: high.

    Por qué importa

    CVE crítica/alta con vector técnico relevante.

    Acción recomendada

    Update DORA ICT risk register and incident materiality notes if exposure is confirmed.

    CISO · Vulnerability Management · IT Ops
    Publicado
    30 jun 2026, 15:00
    Actualizado
    30 jun 2026, 16:00
    Detectado
    30 jun 2026, 16:00
    Fuente
    EBA Newsroom
    Referencia técnica
    Original advisory
    EBA Newsroom
    Prioridad · 56/100published <24h (+40) · high severity (+15) · regulatory relevance (+15) · EBA Newsroom authority (+8) · updated <24h (+5 cap)
    hace 9 horas