A joint advisory published on 2 June 2026 by CISA, FBI, NSA, the Department of Energy (DOE), the Environmental Protection Agency (EPA), the Transportation Security Administration (TSA), the Department of Transportation (DOT), and the US Department of Agriculture (USDA) warns of active malicious cyber activity targeting automatic tank gauge (ATG) systems across the United States. The advisory identifies a pattern of attackers compromising internet-exposed ATG devices and executing commands that could disrupt or manipulate storage tank operations — including modifying pump controls and disabling safety alerts that exist to prevent leaks, overflow events, and environmental hazards.
For OT operators managing fuel and liquid storage infrastructure, this is an advisory requiring immediate action: remove ATG systems from public internet exposure or apply access controls, change default credentials, and apply available patches.
What Are Automatic Tank Gauge Systems?
Automatic tank gauge systems are widely deployed across petrol stations, military installations, water treatment facilities, airport fuel farms, industrial chemical storage, and agricultural facilities. Their primary function is automated, remote monitoring of storage tank parameters:
- Fuel and liquid levels (to manage deliveries and prevent overflow)
- Temperature (relevant for chemicals with temperature-dependent properties)
- Water contamination detection (critical for aviation fuel)
- Leak detection (regulatory requirement in many jurisdictions)
- Pump status and control
Many ATG systems have serial-port-based remote access that was originally designed for dial-up modem access, then migrated to TCP/IP connectivity as facilities modernised their networks. This migration often placed the ATG serial port on an internet-routable IP without the access controls that would be expected of an internet-facing system. Common default TCP ports include 8001, 9001, and 10001.
Publicly-exposed ATGs are discoverable via Shodan, Censys, and similar internet scanning tools. Security researchers and threat actors alike have documented thousands of exposed ATG interfaces globally, with significant concentrations in North America.
Attack Vectors and Observed Techniques
The CISA advisory documents the following attack vectors being actively exploited:
Authentication Bypass and Hardcoded Credentials: Many ATG devices were designed for operational environments where authentication was considered unnecessary — the assumption was that serial port access implied physical proximity. When these systems gained IP connectivity, that assumption failed. Many devices either have no authentication, hardcoded default credentials, or authentication that can be bypassed through protocol manipulation.
The most widely affected vendors include Veeder-Root (TLS-350, TLS-450), OPW (SiteSentinel series), and Franklin Fueling Systems (TS-550, TS-5000). Each of these platforms has documented vulnerabilities in their management interfaces, some dating back to 2015 security research.
OS Command Execution and SQL Injection: Beyond authentication bypass, the ATG management interfaces expose command execution capabilities that allow an authenticated (or bypassed) attacker to execute arbitrary commands on the underlying operating system and manipulate the device’s database. This enables modification of configuration parameters that should be restricted to on-site technicians.
Privilege Escalation: Several ATG platforms allow privilege escalation from operator-level to full administrator access through known flaws, giving an attacker complete control over the device management interface as if they had physical access to the system console.
What an Attacker Can Do With ATG Access
The advisory explicitly describes the potential impact of a successful compromise:
Alter system attributes: Network settings, product identifiers, tank volume limits, and pump control parameters can be modified. An attacker can change the registered capacity of a tank, causing the system to calculate fill levels incorrectly and potentially causing overflow.
Compound operational malfunctions: Components operating on incorrect parameters can create a “denial of view” condition — operators see normal readings while the physical system is in an abnormal state. This removes the visibility needed to detect and respond to actual physical problems.
Disable system alerts: Alarms for high water contamination, overfill conditions, and pump failures can be disabled, increasing the risk that a physical hazard (leak, overflow, fire) goes undetected until it causes environmental damage or injury.
Manipulate pump controls: Direct control of pumps creates the potential for physical disruption of operations — disabling fuel delivery, forcing pumps on or off at inappropriate times, or creating flow conditions that stress mechanical components.
In critical fuel storage environments (airports, military bases, refineries), disruption to ATG and pump systems can have cascading operational effects that extend well beyond the system itself.
Immediate Mitigation Actions
1. Remove ATG serial ports from public internet exposure. This is the single most effective mitigation. TCP ports 8001, 9001, and 10001 should not be reachable from the public internet. Use network scanning to verify:
# Scan your own network ranges for common ATG ports
nmap -p 8001,9001,10001 --open <your-IP-range>
# On Shodan (if you have an account), search for your ASN's exposure:
# search: "Veeder-Root" OR "TLS-450" OR "SiteSentinel" org:"Your Company"
2. If remote access is operationally required, restrict it via VPN or ACL. All ATG remote access should transit an always-on VPN or site-to-site IPsec tunnel. If direct TCP access is necessary, restrict source IPs to known management networks via firewall ACL.
3. Change all default and hardcoded credentials immediately. Work with your ATG service provider or the vendor’s documentation to change default management passwords. If your device uses hardcoded credentials (common in older Veeder-Root and OPW devices), apply the vendor’s patch or firmware update that addresses this.
4. Apply available patches. Contact your ATG service provider to verify that installed firmware is current. Many of the vulnerabilities referenced in this advisory have patches available, but field devices in operational environments often run years-old firmware due to patching hesitance in OT contexts.
5. Monitor for unauthorised access. Configure your network perimeter to log all access to ATG management ports and alert on connections from unknown source IPs. On systems where logging is possible, enable audit logs for configuration changes.
Regulatory Context
For US operators, ATG systems fall under EPA environmental regulations for underground storage tanks (40 CFR Part 280), which require leak detection and spill prevention equipment to be maintained in operational condition. A cyberattack that disables ATG alert functionality could constitute a regulatory violation independent of any physical harm — and regulators may view failure to apply available security patches as a maintenance failure.
The advisory specifically recommends that operators review CISA, FBI, EPA, and DOE’s earlier fact sheet on securing internet-connected OT systems and engage their third-party ATG service providers to ensure compliance and patching.
The Broader Pattern: Internet-Exposed OT
This advisory fits a documented pattern CISA has been addressing consistently since 2021: legacy OT devices that were designed without internet connectivity assumptions have been connected to IP networks without appropriate security controls. ATGs are a specific instance of a general problem that includes building management systems, SCADA human-machine interfaces, programmable logic controllers, and environmental monitoring devices.
The attack surface created by Shodan-discoverable OT management interfaces is not theoretical. The advisory’s language — “malicious cyber activity observed by the authoring organizations” — indicates confirmed active exploitation, not hypothetical risk. OT operators should treat this with the same urgency as a CISA KEV entry for an internet-facing enterprise vulnerability.