From critical to controlled: Cutting vulnerabilities in a live manufacturing environment

This report provides a practical seven-step framework for evaluating whether vulnerability scanner findings in OT/ICS environments are genuinely exploitable, covering inventory validation, verification of vulnerable functions, network reachability, existing mitigations, exploitation path analysis, risk acceptance, and remediation priorities; it uses a CVE example to illustrate impact and recommended mitigations (network segmentation, firewall ACLs, strong credentials, patching and backups).