Dynamic Causal Attack Graph Based Cyber-Security Risk Assessment Framework for CTCS System

Protecting the security of the train control system is a critical issue to ensure the safe and reliable operation of high-speed trains. Scientific modeling and analysis for the security risk is a promising way to guarantee system security. However, the representation and assessment of the...

Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

CVE-2025-54855

creationtimestamp| type| source ---|---|--- 2025-09-23 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-266-01...

CVE-2025-9996

creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-03...

CVE-2025-52873

creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06...

CVE-2025-54754

creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06 2025-09-18 20:03:18+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lz55g3jmvi2g 2025-09-18 21:29:01+00:00| seen|...

CVE-2025-54810

creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06 2025-09-18 20:03:18+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lz55g3jmvi2g...

CVE-2025-30519

creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-07 2025-09-18 20:03:59+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lz55hd4prc27 2025-09-19 01:32:16+00:00| seen|...

CVE-2025-53969

creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06 2025-09-18 20:03:18+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lz55g3jmvi2g...

Dover Fueling Solutions ProGauge MagLink LX4 Devices

RISK EVALUATION Successful exploitation of these vulnerabilities could result in a remote attacker causing a denial-of-service condition or gaining administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on September 16, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-259-01 Schneider Electric Altivar Products, ATVdPAC Module, ILC992 InterLink...

CVE-2025-7746

creationtimestamp| type| source ---|---|--- 2025-09-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-259-01...

CVE-2025-8449

creationtimestamp| type| source ---|---|--- 2025-09-11 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-254-08...

CVE-2025-40757

creationtimestamp| type| source ---|---|--- 2025-09-11 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-254-05...

CVE-2025-40797

creationtimestamp| type| source ---|---|--- 2025-09-11 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-254-07...

CVE-2025-7679

creationtimestamp| type| source ---|---|--- 2025-09-09 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-252-02...

ABB Cylon Aspect BMS/BAS

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to assume control of the target device or perform a denial-of-service DoS attack. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying...

ICSLure: a Very High Interaction Honeynet for PLC-Based Industrial Control Systems

The security of Industrial Control Systems ICSs is critical to ensuring the safety of industrial processes and personnel. The rapid adoption of Industrial Internet of Things IIoT technologies has expanded system functionality but also increased the attack surface, exposing ICSs to a growing range...

CLSA-2025-1756931716 golang: Fix of CVE-2025-4674

CVE-2025-4674: disallow multiple VCS metadata dirs in one module to prevent VCS injection attacks...

Copeland E3 Supervisory Control 安全漏洞

Copeland E3 Supervisory Control is an industrial equipment control system from Copeland Corporation. A security vulnerability exists in Copeland E3 Supervisory Control versions prior to 2.31F01, which stems from an improper root password generation mechanism that could lead to the generation of a...