SECURITYWEEK reports that on February 11, 2026, industrial giants Siemens, Schneider Electric, Aveva, and Phoenix Contact published Patch Tuesday advisories detailing vulnerabilities in their ICS/OT products.
Siemens issued eight new advisories covering high-severity flaws in Desigo CC, Sentron Powermanager, Simcenter Femap and Nastran, NX, Sinec NMS, Solid Edge, and Polarion, plus a medium-severity issue in Siveillance Video Management Servers; an advisory also described a lack of anti-tamper protections in the Siport desktop client.
Schneider Electric released two advisories: one on two high-severity flaws in EcoStruxure Building Operation Workstation and WebStation, and a separate critical issue affecting SCADAPack RTUs that can lead to DoS or code execution. Aveva flagged a high-severity DoS vulnerability in PI Data Archive and a medium-severity unauthorized access issue in PI to Connect Agent. Phoenix Contact addressed a 2024 OpenSSL vulnerability in its advisory, with Germany’s VDE CERT also publishing coverage.
According to CISA, five new Patch Tuesday advisories describe vulnerabilities in Yokogawa Fast/Tools, Zlan ZLAN5143D, and the Zoll ePCR mobile application, as well as the Aveva issues disclosed on Tuesday.