Iranian-affiliated cyber actors are exploiting programmable logic controllers (PLCs) within U.S. critical infrastructure, leveraging direct internet exposure and default credentials to gain initial access and manipulate industrial processes. The article does not specify a particular CVE, CVSS score, affected product versions, or a fixed software version. As a workaround, organizations are advised to immediately isolate PLCs from the internet, enforce strong authentication, and implement robust network segmentation.
2026-04-07 (Back to Inventory) AA26-097A: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure Author(s): CISA , CNMF , Department of Energy (DOE) , EPA , FBI , NSA Organization: IC3 Open article directly Related Articles 2026-03-20 ⋅ IC3 ⋅ FBI , IC3 I-032026-PSA: Russian Intelligence Services Target Commercial Messaging Application Accounts 2026-03-20 ⋅ FBI ⋅ FBI Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets 2025-12-09 ⋅ CISA ⋅ CISA Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure