CVE-2025-66585

creationtimestamp| type| source ---|---|--- 2025-12-11 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03 2025-12-17 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1128/...

CVE-2025-66590

creationtimestamp| type| source ---|---|--- 2025-12-11 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-03 2025-12-17 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1129/ 2025-12-17 05:00:00+00:00| seen|...

PT-2025-49245

Name of the Vulnerable Software and Affected Versions Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace versions 2025.1.2 and prior Description Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace versions 2025.1.2 and prior are susceptible to a Direct...

Advantech iView

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify, or delete data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

MAXHUB Pivot

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to request a password reset and gain unauthorized access to the account. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Exploit for CVE-2025-38001

Lab: CVE-2025-41744 - Use of Default Cryptographic Key in Spre...

Industrial Video & Control Longwatch

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to gain remote code execution with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Mirion Medical EC2 Software NMIS BioDose

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to modify program executables, gain access to sensitive information, gain unauthorized access to the application, and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

CVE-2025-64126

creationtimestamp| type| source ---|---|--- 2025-11-25 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-03 2026-01-09 14:14:28+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115865555268914985...

SiRcom SMART Alert (SiSA)

RISK EVALUATION Successful exploitation of this vulnerability could enable an attacker to remotely activate or manipulate emergency sirens. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

CVE-2025-64770

creationtimestamp| type| source ---|---|--- 2025-11-20 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-02...

Emerson Appleton UPSMON-PRO

RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

Automated Logic WebCTRL Premium Server

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to deceive a legitimate user into running malicious scripts or redirecting them to malicious websites. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Opto 22 GRV-EPIC and groov RIO

RISK EVALUATION Successful exploitation of this vulnerability could result in the execution of arbitrary shell commands with root privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

CVE-2025-11243

creationtimestamp| type| source ---|---|--- 2025-11-18 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-322-02 2025-11-19 07:33:04+00:00| seen| https://infosec.exchange/users/offseq/statuses/115575199017022237 2025-11-19 09:04:44+00:00| seen|...

Today’s threat landscape demands a proactive OT security strategy

Today’s threat landscape demands a proactive OT security strategy By John Fokker and Mo Cashman · November 18, 2025 Overview: The operational technology OT security landscape is undergoing rapid transformation, marked by an escalation in advanced threats. As reported in Trellix’s November...

CISA Releases 18 Industrial Control Systems Advisories

CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...

Rockwell Automation FactoryTalk DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take over accounts, steal credentials, redirect users to a malicious website, or bypass MFA. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

AVEVA Edge

RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to reverse engineer passwords through brute force. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

Rockwell Automation Verve Asset Manager

RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker accessing or altering user data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...