A previously disclosed vulnerability in Rockwell industrial control systems (ICS) has been exploited in recent attacks, allowing for remote hacking. The vulnerability, which was initially disclosed and mitigated in 2021, has only now been found to be exploited in the wild1. This exploit enables attackers to remotely target ICS, potentially disrupting critical infrastructure operations. The fact that this vulnerability was known and mitigated years ago, yet is only now being exploited, highlights the ongoing risk of legacy vulnerabilities in ICS environments. The exploitation of this vulnerability demonstrates the importance of continuous monitoring and patching of ICS systems, even after initial mitigations have been put in place. So what matters to practitioners is that even mitigated vulnerabilities can still pose a significant threat if not continuously monitored and updated, emphasizing the need for robust vulnerability management practices.