CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on May 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-126-01 Optigo Networks ONS NC600 ICSA-25-126-02 Milesight UG65-868M-EA ICSA-25-126-03...

Optigo Networks ONS NC600

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to establish an authenticated connection with the hard-coded credentials and perform OS command executions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Adversarial Sample Generation for Anomaly Detection in Industrial Control Systems

Machine learning ML-based intrusion detection systems IDS are vulnerable to adversarial attacks. It is crucial for an IDS to learn to recognize adversarial examples before malicious entities exploit them. In this paper, we generated adversarial samples using the Jacobian Saliency Map Attack JSMA...

Honeywell MB-Secure 安全漏洞

Honeywell MB-Secure is an industrial-grade network security solution from Honeywell USA designed for the Modbus protocol to provide communication protection and access control for industrial control systems ICS. A security vulnerability exists in Honeywell MB-Secure versions prior to V11.04 throu...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on May 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-121-01 KUNBUS GmbH Revolution Pi ICSMA-25-121-01 MicroDicom DICOM Viewer CISA encourages...

MicroDicom DICOM Viewer

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information, cause memory corruption, and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

KUNBUS GmbH Revolution Pi (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to bypass authentication, gain unauthorized access to critical functions, and execute malicious server-side includes SSI within a web page. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...

ABB Automation Builder (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to overrule the Automation Builder's user management. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

Rockwell Automation ThinManager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges and cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

GiBy: a Giant-Step Baby-Step Classifier for Anomaly Detection in Industrial Control Systems

The continuous monitoring of the interactions between cyber-physical components of any industrial control system ICS is required to secure automation of the system controls, and to guarantee plant processes are fail-safe and remain in an acceptably safe state. Safety is achieved by managing...

CVE-2019-6809

creationtimestamp| type| source ---|---|--- 2025-04-24 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-01...

CVE-2025-30002

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01 2025-06-16 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-386/...

CVE-2025-32840

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01...

CVE-2025-29905

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01 2025-06-16 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-385/...

CVE-2025-32847

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01...

CVE-2025-32831

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01...

CVE-2025-27539

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01 2025-06-16 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-383/...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on April 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-107-01 Schneider Electric Trio Q Licensed Data Radio ICSA-25-107-02 Schneider Electric...

CVE-2024-37038

creationtimestamp| type| source ---|---|--- 2025-04-17 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-107-02...

Yokogawa Recorder Products

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate information on the affected products. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...