ABB B&R Automation Studio Multiple Critical SQLite Vulnerabilities (ICSA-26-141-03)
CISA has issued ICS advisory ICSA-26-141-03 for ABB B&R Automation Studio versions prior to 6.5, identifying 25 CVEs in the bundled, outdated SQLite third-party component. They include critical-severity issues (CVSS 9.8) enabling remote code execution, unauthorized access, and data exposure. Affected deployments span the global energy sector. The vendor fix is to upgrade to Automation Studio 6.5.
AI-generated from linked source reports.
Impact verdict
Medium impact (second-pass historical recalibration). This cyber advisory or vulnerability item is relevant to Cyber and technology-dependent Property/Casualty books, but it does not evidence confirmed insured loss, claims activity, ransomware or business interruption, critical infrastructure outage, or quantified market impact sufficient for a HIGH grade.
Timeline
Lifecycle changed: monitoring → closed (Event Closed; reason: auto_closed_monitoring_timeout)
Status changed to monitoring: active → monitoring (auto-transitioned: no updates for 6 hours)
Status changed to active: signal → active (evidence_trigger: authoritative_fast_track)
Impact changed: high → medium
CISA republished an ABB PSIRT advisory disclosing three medium-severity vulnerabilities in B&R Automation Runtime versions prior to 6.4, affecting the System Diagnostics Manager (SDM) component. Vulnerabilities include session hijacking via predictable session IDs, reflected cross-site scripting, and CSV formula injection. Critical infrastructure energy sector systems worldwide are potentially affected. A vendor fix is available in Automation Runtime 6.4.
Source: CISA Advisories (Official Advisory)
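Of the three SDM findings summarised above, CSV formula injection is the one with a well-understood application-side defence that an integrator can verify on their own exports. The following is an added example, not code from ABB, B&R or CISA, showing how export fields are neutralised so that a spreadsheet opens them as literal text; the diagnostic log rows and column names are constructed for illustration and do not describe SDM's actual export format.

```python
import csv
import io

# Characters that spreadsheet applications interpret as the start of a formula
# when they appear first in a cell. Tab and carriage return are included
# because some applications strip leading whitespace before the check.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_cell(value: str) -> bool:
    """True if a spreadsheet would evaluate this cell rather than display it."""
    return value.startswith(FORMULA_TRIGGERS)


def neutralize_cell(value: str) -> str:
    """Prefix a single quote so the cell is rendered as literal text.

    A leading single quote is the convention Excel and LibreOffice use to
    force a cell to text; it is not shown in the rendered cell.
    """
    if is_formula_cell(value):
        return "'" + value
    return value


def export_rows(rows, header):
    """Serialise rows as CSV with every cell quoted and neutralised."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(header)
    for row in rows:
        writer.writerow([neutralize_cell(str(cell)) for cell in row])
    return buf.getvalue()


def read_back(text):
    """Parse CSV text back into rows (used to check what a consumer sees)."""
    return list(csv.reader(io.StringIO(text)))


# Constructed sample: diagnostic entries where the "source" field was supplied
# by a remote client (for example a self-reported hostname) and carries a
# formula payload in two of the rows.
HEADER = ("timestamp", "source", "status")
SAMPLE_ROWS = [
    ("2026-05-21T10:00:00Z", "plc-01", "OK"),
    ("2026-05-21T10:00:05Z", '=HYPERLINK("http://attacker.example/","click")', "WARN"),
    ("2026-05-21T10:00:10Z", "-2+3", "ERR"),
]

if __name__ == "__main__":
    print(export_rows(SAMPLE_ROWS, HEADER))
```

Two caveats worth checking in a real export path: the prefix is applied to anything starting with a trigger character, so legitimately negative numbers such as "-5" also become text (format numeric columns before export if consumers need them numeric), and the quote is visible to non-spreadsheet consumers of the file, so the neutralisation belongs in the spreadsheet-facing export rather than in stored data.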
CISA issued advisory ICSA-26-141-02 disclosing nine CVEs (CVE-2023-45229 through CVE-2023-45237) affecting ABB B&R industrial PCs used in energy and critical infrastructure sectors worldwide. The vulnerabilities reside in the EDK2 network stack used by the UEFI PXE boot firmware and enable remote code execution, denial of service, DNS cache poisoning, and sensitive data extraction; CVSS scores reach 8.3 (HIGH). Ten product lines are affected; patches are available for all but the APC910, for which only mitigations are offered.
Source: CISA Advisories (Official Advisory)
Initial Detection
CISA's initial advisory for ABB B&R Automation Studio versions prior to 6.5 identified 25 CVEs in the bundled, outdated SQLite component, including critical-severity issues (CVSS 9.8). The vulnerabilities provide attack vectors for unauthorized access, data exposure, or remote code execution. Critical infrastructure sectors: Energy. Countries/areas deployed: Worldwide. A vendor fix is available in version 6.5.
Source: CISA Advisories (Official Advisory)