Consilium Safety CS5000 Fire Panel (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain high-level access to and remotely operate the device, potentially putting it into a non-functional state. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk...

SimProcess: High Fidelity Simulation of Noisy ICS Physical Processes

Industrial Control Systems ICS manage critical infrastructures like power grids and water treatment plants. Cyberattacks on ICSs can disrupt operations, causing severe economic, environmental, and safety issues. For example, undetected pollution in a water plant can put the lives of thousands at...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-146-01 Johnson Controls iSTAR Configuration Utility ICU Tool CISA encourages users and...

CVE-2024-10534

Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems PACS / Access Control Security Systems ACSS allows Traffic Injection. This issue affects Personnel Attendance Control Systems PACS / Access Control Security Systems ACSS: before 2024...

CVE-2023-38405

On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash...

CVE-2022-45091

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

CVE-2022-45087

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on May 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-142-01 Lantronix Device Installer ICSA-25-142-02 Rockwell Automation FactoryTalk Historian...

ABUP IoT Cloud Platform

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access device profiles for which they are not authorized. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

National Instruments Circuit Design Suite

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as: Minimize...

AutomationDirect MB-Gateway

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to make configuration changes, disrupt operations, or achieve arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

Danfoss AK-SM 8xxA Series (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to bypass authentication and remotely execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

CVE-2024-49936

creationtimestamp| type| source ---|---|--- 2025-05-16 07:34:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16653 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-49962

creationtimestamp| type| source ---|---|--- 2025-05-16 07:34:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16651 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CISA Releases Twenty-Two Industrial Control Systems Advisories

CISA released twenty-two Industrial Control Systems ICS advisories on May 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-135-01 Siemens RUGGEDCOM APE1808 Devices ICSA-25-135-02 Siemens INTRALOG WMS...

Schneider Electric PrismaSeT Active - Wireless Panel Server

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

Siemens MS/TP Point Pickup Module

SUMMARY MS/TP Point Pickup Module devices are affected by a denial of service vulnerability that could be triggered by an attacker residing in the same BACnet network by sending a specially crafted MSTP message. A power cycle is required to restore the device's normal operation. Siemens...

Siemens Desigo

SUMMARY Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability...

CISA: Primary Mitigations to Reduce Cyber Threats to Operational Technology

The Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Environmental Protection Agency EPA, and Department of Energy DOE are aware of cyber incidents affecting the operational technology OT and industrial control systems ICS of critical infrastructure...

Unsophisticated Cyber Actor(s) Targeting Operational Technology

CISA is increasingly aware of unsophisticated cyber actors targeting ICS/SCADA systems within U.S. critical Infrastructure sectors Oil and Natural Gas, specifically in Energy and Transportation Systems. Although these activities often include basic and elementary intrusion techniques, the presenc...