CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit...

CVE-2025-3128

creationtimestamp| type| source ---|---|--- 2025-04-15 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-09 2025-08-22 03:01:34+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lwxhq7sou62p...

Subnet Solutions PowerSYSTEM Center

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as: Minimize network...

Schneider Electric Trio Q Licensed Data Radio

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on April 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-093-01 Hitachi Energy RTU500 Series ICSA-25-093-02 Hitachi Energy TRMTracker...

Rockwell Automation Lifecycle Services with Veeam Backup and Replication

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative privileges to execute code on the target system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert PME Update A CISA encourages...

CVE-2024-12169

creationtimestamp| type| source ---|---|--- 2025-03-25 13:23:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8645 2025-03-25 15:18:48+00:00| seen| https://t.me/cvedetector/21093 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-01...

Hitachi Energy RTU500 Series (Update B)

SUMMARY Hitachi Energy is aware of the vulnerabilities, CVE-2024-10037, CVE-2024-11499, CVE-2024-12169, and CVE-2025-1445 in the RTU500 Web server component, the IEC 60870-5-104 controlled station implementation and IEC 61850 implementation, that affects the RTU500 versions that are listed...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on March 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-084-01 ABB RMC-100 ICSA-25-084-02 Rockwell Automation Verve Asset Manager ICSA-25-084-0...

CVE-2024-10206

creationtimestamp| type| source ---|---|--- 2025-03-25 06:57:09+00:00| seen| https://t.me/cvedetector/21047 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-05...

Rockwell Automation Verve Asset Manager

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on March 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-079-01 Schneider Electric EcoStruxure™ ICSA-25-079-02 Schneider Electric Enerlin’X IFE...

Santesoft Sante DICOM Viewer Pro

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption that would result in execution of arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability,...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on March 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-077-01 Schneider Electric EcoStruxure Power Automation System User Interface EPAS-UI...

Rockwell Automation Lifecycle Services with VMware

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with local administrative privileges to execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

CISA Releases Thirteen Industrial Control Systems Advisories

CISA released thirteen Industrial Control Systems ICS advisories on March 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-072-01 Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation...

Optigo Networks Visual BACnet Capture Tool / Optigo Visual Networks Capture Tool

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, gain control over the products, or impersonate the web applications. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

Schneider Electric EcoStruxure Panel Server

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

ABB RMC-100

SUMMARY An update is available that resolves a vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could cause the web UI to stop. 2. WORKAROUNDS The vulnerability is only present when the REST interface is enabled...