Monitor, analyze, and respond to cybersecurity vulnerabilities across SCADA, ICS, PLC, DCS, and other Operational Technology systems.
A critical vulnerability in the Erlang/OTP SSH server allows an unauthenticated attacker to execute arbitrary code on affected systems. The flaw lies in the server's handling of SSH protocol messages prior to authentication: crafted SSH messages sent by an attacker are processed before any authentication occurs. Successful exploitation results in full system compromise with the privileges of the SSH daemon process.
MB Connect Line mbNET industrial VPN routers contain a Lua sandbox escape vulnerability in the device's scripting interface. An authenticated user with script execution privileges can escape the Lua sandbox and execute arbitrary operating system commands as root on the underlying Linux OS, resulting in full device compromise.
ICONICS GENESIS64, Hyper Historian, and AnalytiX are vulnerable to command injection through the suite's web-based management interface. An authenticated administrator can inject OS commands via specially crafted configuration parameters that are passed to the underlying OS without sanitization, achieving code execution on the ICONICS server.
ICONICS GENESIS64 and Hyper Historian contain a privileged file write vulnerability that allows an authenticated user to write arbitrary files to the system with SYSTEM-level privileges. An attacker can leverage this to overwrite critical system files, deploy web shells, or achieve code execution through DLL hijacking.
Fuji Electric Tellus Lite V-Simulator Smart Editor is vulnerable to a stack-based buffer overflow when parsing specially crafted project files. An attacker can create a malicious project file that, when opened by an engineer, triggers a buffer overflow leading to arbitrary code execution in the context of the engineering workstation.
Siemens TeleControl Server Basic is vulnerable to a SQL injection attack through its web-based management interface. An authenticated user can inject malicious SQL queries through improperly sanitized input fields, enabling data exfiltration, database manipulation, and potential code execution via SQL Server xp_cmdshell.