CISA's May 2026 ICS Advisory Wave: Schneider Electric, Advantech, Axis, Rockwell, and Mitsubishi

CISA's May 2026 ICS advisory release covers critical vulnerabilities across five major industrial and building automation vendors: Schneider Electric EcoStruxure Foxboro DCS, Advantech WebAccess/SCADA, Axis Communications security cameras, Rockwell Automation Micro820/850/870 controllers, and Mitsubishi Electric ICONICS products. The highest-severity advisory involves a CVSS 9.8 deserialization vulnerability in Schneider's DCS Advisor component. Combined, the advisories affect SCADA systems, IP cameras, PLCs, and building HMI software that are standard in smart office and industrial deployments.