ICS Patch Tuesday saw eight industrial giants — Siemens, Schneider Electric, Aveva, Rockwell Automation, ABB, Phoenix Contact, Mitsubishi Electric, and Moxa — publish new ICS security advisories, according to SecurityWeek. Siemens has issued nine advisories since the previous Patch Tuesday, highlighting high- and medium-severity issues across Sinec NMS, Ruggedcom Crossbow, and Industrial Edge Management, plus a notable move into the CVE Program’s SADP project.
Schneider Electric published three advisories, including an impact assessment of the BlastRadius vulnerability on Modicon Networking Managed Switch, with two medium-severity advisories covering PowerChute Serial Shutdown UPS management software and Easergy MiCOM Px40 protection relays. Aveva released a critical advisory for a missing authorization and privilege escalation in Pipeline Simulation.
Rockwell Automation warned customers to disconnect PLCs from the internet after flagging potential threat actor activity, while ABB issued four advisories spanning third-party component flaws and a DoS in System 800xA and Symphony Plus IEC 61850 stacks. Phoenix Contact, Mitsubishi Electric and Moxa contributed further advisories on various DoS, privilege escalation, and information-disclosure vulnerabilities, all since the last Patch Tuesday, with the report dated 15 April 2026.