Radar
A personal hobby project. Radar aggregates security advisories from CISA and Zero Day Initiative and adds short editorial highlights on what I find notable from a European infrastructure perspective — not a threat-intel service, not exhaustive, just what catches my eye.
-
Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)
The vulnerability originates from an SQLite dependency in Siemens industrial controllers. This affects versions below 5.8 and enables both code execution and denial of service.
Read more → -
Siemens Industrial Edge Management
The advisory notes that exploitation requires the remote connection feature to be enabled on a device and knowledge of the specific header and port used for connections. This may indicate that disabling the feature entirely could serve as an interim mitigation.
Read more → -
Siemens SINEC NMS
An authenticated attacker can reset any user's password in SINEC NMS by bypassing authorization checks. The advisory notes deployment in critical manufacturing environments worldwide.
Read more → -
Zero Motorcycles Firmware
Zero Motorcycles firmware allows unauthorized Bluetooth pairing when the vehicle is in pairing mode. This enables firmware manipulation by nearby attackers.
Read more → -
Siemens SINEC NMS
The advisory notes that this vulnerability affects critical manufacturing infrastructure. The issue is an authentication bypass in the User Management Component (UMC) due to insufficient identity validation.
Read more → -
Hardy Barth Salia EV Charge Controller
The vendor did not respond to CISA's coordination request. Exploit for the firmware upload vulnerability has been publicly disclosed.
Read more → -
Siemens SCALANCE
Siemens SCALANCE W-700 IEEE 802.11n devices have multiple vulnerabilities affecting versions before 6.6.0. The advisory includes a long list of CVEs spanning several years.
Read more → -
Siemens Analytics Toolkit
The advisory notes that the same vulnerability (CVE-2025-40745) affects multiple Siemens engineering applications through the Analytics Toolkit. Updates are available for each affected product, with specific version targets provided.
Read more → -
SenseLive X3050
Vendor did not respond to coordination requests. Ten distinct CVEs affect a single firmware version.
Read more → -
Siemens TPM 2.0
The vulnerability affects multiple Siemens industrial computing products with TPM 2.0 modules. Fixed versions are available for some products while others remain under investigation.
Read more → -
Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
The advisory specifies that this privilege escalation vulnerability affects User Administrators who can administer their own groups. The product is deployed worldwide in critical manufacturing sectors.
Read more → -
Silex Technology SD-330AC and AMC Manager
Multiple vulnerabilities across two Silex products include authentication bypass and code execution risks. The advisory notes a known-affected status but lacks specific remediation details.
Read more → -
Supply Chain Compromise Impacts Axios Node Package Manager
The advisory describes a supply chain attack that injected a malicious dependency into two specific Axios npm versions. The attack downloads multi-stage payloads including a remote access trojan.
Read more → -
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
The addition of multiple vulnerabilities in Cisco Catalyst SD-WAN Manager suggests repeated security flaws in a network management platform used for wide-area orchestration.
Read more → -
CISA Adds One Known Exploited Vulnerability to Catalog
CVE-2026-34197 is an improper input validation issue in Apache ActiveMQ that is already seeing active exploitation.
Read more → -
Anviz Multiple Products
Anviz access control devices are vulnerable to unauthenticated photo capture via front-facing camera. Multiple CVEs affect all versions across three product lines with no patches mentioned.
Read more → -
Horner Automation Cscape and XL4, XL7 PLC
Horner Automation PLCs have weak password requirements allowing network-based brute force attacks. The vendor has released updates for Cscape software and PLC firmware.
Read more → -
Delta Electronics ASDA-Soft
The vulnerability is triggered by parsing a malformed .par file in ASDA-Soft. The advisory explicitly states the product is used in critical manufacturing sectors.
Read more → -
AVEVA Pipeline Simulation
An unauthenticated attacker can escalate to administrative roles in AVEVA Pipeline Simulation by exploiting a missing authorization check. The vulnerability affects simulation parameters, training configuration, and training records.
Read more → -
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CVE-2009-0238, a remote code execution vulnerability in Microsoft Office, has been added to the KEV Catalog despite its 2009 publication date, indicating ongoing exploitation potential.
Read more → -
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
The advisory adds a 2012-era Visual Basic for Applications vulnerability back into active exploitation focus, suggesting long-dormant attack methods may still pose current risk.
Read more → -
GPL Odorizers GPL750
The advisory indicates that low-privileged remote attackers can manipulate odorant injection logic via Modbus packets. This may affect gas line safety by causing improper odorant levels.
Read more → -
Contemporary Controls BASC 20T
The advisory notes that the affected BASC 20T is an obsolete product. Exploitation could allow complete control via forged network packets.
Read more → -
CISA Adds One Known Exploited Vulnerability to Catalog
CVE-2026-1340 is a code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that CISA has added to the KEV Catalog due to evidence of active exploitation.
Read more → -
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
Iranian-affiliated actors are targeting internet-facing PLCs to manipulate HMI/SCADA displays and cause operational disruption. The advisory specifies Rockwell Automation/Allen-Bradley PLCs are known targets, but notes potentially other brands may be affected.
Read more → -
Mitsubishi Electric GENESIS64 and ICONICS Suite products
SQL Server credentials stored in plaintext when local SQLite caching is enabled with SQL authentication. Affects multiple Mitsubishi Electric industrial software suites.
Read more → -
CISA Adds One Known Exploited Vulnerability to Catalog
CVE-2026-35616 is an improper access control vulnerability in Fortinet FortiClient EMS, now listed in CISA's KEV Catalog due to observed active exploitation.
Read more → -
Yokogawa CENTUM VP
The vulnerability allows login as the PROG user with hardcoded credentials. Exploitation requires prior access to the HIS screen controls.
Read more → -
CISA Adds One Known Exploited Vulnerability to Catalog
The added vulnerability involves a download of code without integrity check in TrueConf Client, which could allow unauthorized code execution if exploited.
Read more → -
Siemens SICAM 8 Products
Multiple SICAM 8 products are affected by denial-of-service vulnerabilities triggered by high-volume requests. Siemens has released firmware version 26.10 to address these issues.
Read more →