HIGH Published May 19, 2026

ICS / OT Device Vulnerability

Vulnerability disclosed in an industrial / building-control device. Implies the device may be reachable from the corporate network or directly from the internet. Calls for network segmentation, asset inventory and vendor patch tracking.

MITRE ATT&CK

Tactics, Techniques & Procedures

TA0001 Initial Access tactic

TA0004 Privilege Escalation tactic

Defensive mapping

Mapped controls

The audit will verify each of these controls is in place and effective.

Control	Confidence	Why it matters
Patch management suggested	75%	Recommended control for vulnerability
Vulnerability scanning suggested	75%	Recommended control for vulnerability
CVE-driven prioritisation suggested	75%	Recommended control for vulnerability
Web application firewall suggested	75%	Recommended control for vulnerability
Network segmentation between user and server tiers suggested	75%	Recommended control for vulnerability

Dossier

Attack vector vulnerability

Source Cyentrix Intel feed

Recent incidents · 2

HIGH Alleged Cyber Attack on Turkish Water Supply SCADA System by Armenian Code telegram · 3 days ago
MEDIUM Kieback & Peter DDC Building Controllers CISA Alerts & Advisories · 2 days ago

Audit programs

ICS / OT Device Vulnerability — Audit Program 5 controls · v0.1.0