SIEMENS CERT
09/09/2025
SINEC OS is affected by multiple vulnerabilities due to open UDP ports, which could allow an attacker to access non-sensitive information without authentication or potentially cause temporary denial of service. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
CISA (ICS)
09/04/2025
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Honeywell Equipment : OneWireless Wireless Device Manager (WDM) Vulnerabilities : Improper Restriction of Operations within the Bounds of a Memory Buffer, Sensitive Information in Resource Not Removed Before Reuse, Integer Underflow (Wrap or Wraparound), Deployment of …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : FRENIC-Loader 4 Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Fuji …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 6.7 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : EIP Builder Vulnerability : Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to potentially process dangerous external entities, resulting in disclosure of …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION : Exploitable from an adjacent network/low attack complexity Vendor : SunPower Equipment : PVS6 Vulnerability : Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : GE Vernova Equipment : CIMPLICITY Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION : Low Attack Complexity Vendor : Schneider Electric Equipment : Saitel DR RTU, Saitel DP RTU Vulnerability : Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges, potentially leading to arbitrary code execution. …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-F Series CPU module Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read or write the device values of …