CISA (ICS)
09/11/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v4 …
CISA (ICS)
09/11/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v4 …
CISA (ICS)
09/11/2025
1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : Modicon M340, BMXNOE0100, and BMXNOE0110 Vulnerability : Files or Directories Accessible to External Parties 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to prevent firmware updates and disrupt the …
CISA (ICS)
09/11/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v4 …
CISA (ICS)
09/11/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 …
CISA (ICS)
09/11/2025
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Daikin Europe N.V Equipment : Security Gateway Vulnerability : Weak Password Recovery Mechanism for Forgotten Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to …
CISA (ICS)
09/09/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Activation Manager Vulnerability: Incorrect Implementation of Authentication Algorithm 2. RISK EVALUATION Successful exploitation of this vulnerability could result in in data exposure, session hijacking, or full communication compromise. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS …
CISA (ICS)
09/09/2025
1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Optix Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker achieving remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of FactoryTalk Optix, a scalable, …