{"id":215374,"date":"2026-02-19T08:00:00","date_gmt":"2026-02-19T13:00:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/19\/industrial-control-system-vulnerabilities-hit-record-highs\/"},"modified":"2026-02-19T14:30:12","modified_gmt":"2026-02-19T19:30:12","slug":"industrial-control-system-vulnerabilities-hit-record-highs","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/19\/industrial-control-system-vulnerabilities-hit-record-highs\/","title":{"rendered":"Industrial Control System Vulnerabilities Hit Record Highs"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/industrial-control-system-vulns\/\">Industrial Control System Vulnerabilities Hit Record Highs<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/industrial-control-system-vulns\/\">https:\/\/www.infosecurity-magazine.com\/news\/industrial-control-system-vulns\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-19 08:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>The number of industrial control system (ICS) security advisories published in 2025\u00a0topped 500 for the first time since records began, with the severity of vulnerabilities also increasing, according to Forescout.<\/p>\n<p>The security vendor revealed the findings in its new report, ICS Cybersecurity in 2026: Vulnerabilities and the Path Forward.<\/p>\n<p>It said there were a total of 2155 CVEs published across 508 ICS advisories last year. That\u2019s an increase\u00a0from 103 CVEs across 67 advisories in 2011 \u2013 when records began.<\/p>\n<p>The average CVSS score of advisories climbed from 6.44 in 2010 to above 8.0 in 2024 and 2025.<\/p>\n<p>Read more on ICS threats: CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors.<\/p>\n<p>According to the report, the most affected asset types last year, in order, were:<\/p>\n<ul>\n<li>Purdue Level 1 devices: eg, field controllers, RTUs, PLCs and IEDs<\/li>\n<li>Purdue Level 3 operation systems: eg, MES, PLM, EMS and others<\/li>\n<li>Purdue Level 2 control systems: eg, DCS, SCADA and BMS<\/li>\n<li>Industrial network infrastructure like routers and switches<\/li>\n<\/ul>\n<p>Critical manufacturing and energy were the top two most affected industries, with transportation jumping three places from the previous year to third and healthcare moving up four places to fourth.<\/p>\n<h2><strong>A CISA-Shaped Gap in Reporting<\/strong><\/h2>\n<p>More concerning for operators of industrial and operational technology is a growing gap in threat visibility.<\/p>\n<p>CISA\/ICS-CERT has been \u201cthe authoritative source\u201d about vulnerabilities in this field since the ICS Advisory (ICSA) program was started in 2010, Forescout noted. However, according to the open source ICS advisory project, a growing number of vulnerabilities don\u2019t have an associated ICSA published by CISA.<\/p>\n<p>\u201cOn January 10, 2023 CISA announced they would stop publishing updates on advisories affecting Siemens products, and instead, will be redirecting users to Siemens\u2019 ProductCERT for the latest updates,\u201d Forescout explained.<\/p>\n<p>\u201cThis shows the need for vulnerability information&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/industrial-control-system-vulns\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Industrial Control System Vulnerabilities Hit Record Highs https:\/\/www.infosecurity-magazine.com\/news\/industrial-control-system-vulns\/ Publish Date: 2026-02-19 08:00:00 Source Domain: www.infosecurity-magazine.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":215375,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/31f21ad6-c451-429d-b22a-60085c6a058f.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-215374","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215374"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=215374"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215374\/revisions"}],"predecessor-version":[{"id":215376,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215374\/revisions\/215376"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/215375"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=215374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=215374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=215374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}