EarlyNarratives
Pricing
Start free trialSign in
Start free trialSign in
Signal

Critical vulnerabilities disclosed in Helmholz myREX24V2 and WAGO managed switches

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-03-24 03:00 UTCUpdated 2026-03-24 16:22 UTC
rss
cveexploitssecurity_toolingincident_response
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
BackEvidence (4)Get the free brief by emailStart free trial
No card needed for the free brief.
Evidence trail (top sources)
top sources (2 domains)domains are deduped. counts indicate coverage, not truth.
2 top sources shown
[Control systems] Helmholz security advisory (AV26-274)
Canadian Centre for Cyber Security - Alerts · News · cyber.gc.ca · 2026-03-24 16:22 UTC
Vulnerabilities in Helmholz myREX24V2 / myREX24V2.virtual
NCSC-FI - Vulnerabilities · News · certvde.com · 2026-03-24 03:00 UTC
limited source diversity in top sources
View all evidence
Overview

Multiple critical security vulnerabilities have been reported affecting Helmholz myREX24V2 and myREX24V2.virtual firmware versions 2.19.3 and prior, as well as WAGO managed switches.

Entities
HelmholzWAGO
Score total
0.96
Momentum 24h
4
Posts
4
Origins
2
Source types
1
Duplicate ratio
25%
Why now
  • Advisories were published on March 23-24, 2026, revealing critical flaws in widely used control system devices.
  • Official fixes are available, making immediate updates feasible and necessary.
  • Industrial operators must act now to prevent exploitation and potential operational impact.
Why it matters
  • These vulnerabilities allow unauthenticated remote attackers to fully compromise critical industrial control devices.
  • Exploitation could lead to severe operational disruptions and loss of confidentiality in industrial environments.
  • Prompt patching is essential to mitigate risks and protect infrastructure integrity.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
  • Helmholz myREX24V2 devices have a critical remote code execution vulnerability (CVE-2026-32968) exploitable by unauthenticated attackers.
  • Helmholz myREX24V2 devices are vulnerable to a pre-authentication blind SQL injection (CVE-2026-32969) leading to total loss of confidentiality.
  • WAGO managed switches have a critical vulnerability (CVE-2026-3587) allowing unauthenticated remote attackers to gain root access and fully compromise the device.
How sources frame it
  • Canadian Centre For Cyber Security: neutral
This briefing consolidates multiple critical vulnerabilities affecting industrial control system devices from Helmholz and WAGO, emphasizing the urgency of patching to prevent full system compromise.
All evidence
All evidence
[Control systems] Helmholz security advisory (AV26-274)
Canadian Centre for Cyber Security - Alerts · cyber.gc.ca · 2026-03-24 16:22 UTC
Vulnerabilities in Helmholz myREX24V2 / myREX24V2.virtual
NCSC-FI - Vulnerabilities · certvde.com · 2026-03-24 03:00 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -
Showing 2 / 0
Top publishers (this list)
  • Canadian Centre for Cyber Security - Alerts (1)
  • NCSC-FI - Vulnerabilities (1)
Top origin domains (this list)
  • cyber.gc.ca (1)
  • certvde.com (1)