CVE-2025-14510 in ABB Ability OPTIMAX allows full authentication bypass when Azure Active Directory SSO is enabled, with no fix available for version 6.1 or 6.2 - part of a six-advisory ABB batch published 30 April 2026 affecting EU water and energy operators.
Siemens ProductCERT released the Q2 2026 firmware bundle for SIMATIC S7-1500 controllers, containing five CVEs from CVSS 5.4 to 8.2. None are pre-authentication remote code execution. Thirty-day deployment window with internet-reachable units prioritized.