CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION : Low Attack Complexity Vendor : Schneider Electric Equipment : Saitel DR RTU, Saitel DP RTU Vulnerability : Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges, potentially leading to arbitrary code execution. …
CISA (ICS)
08/26/2025
1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : INVT Equipment : VT-Designer and HMITool Vulnerabilities : Out-of-bounds Write, Access of Resource Using Incompatible Type ('Type Confusion') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code in the context of …
CISA (ICS)
08/26/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : Modicon M340 and Communication Modules Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED …
SIEMENS CERT
08/26/2025
Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.
US CERT
08/25/2025
Executive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) …
CISA (ICS)
08/21/2025
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-F Series CPU module Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a remote attacker being able to delay the processing of the …
CISA (ICS)
08/19/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 …
CISA (ICS)
08/19/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 …