CVE-2025-32825

creationtimestamp| type| source ---|---|--- 2025-04-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01...

Edimax IC-7100 IP Camera

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send specially crafted requests to achieve remote code execution on the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

Rockwell Automation GuardLogix 5380 and 5580 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

Rockwell Automation Verve Reporting (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could lead to arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

Unitronics Vision Legacy series (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Unitronics Equipment : Vision Legacy series Vulnerability : Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

APsystems Energy Communication Unit (ECU-C) Power Control Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable via adjacent network / low attack complexity Vendor : APsystems Equipment : Energy communication Unit ECU-C Power Control Software Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this...

Integration Objects OPC UA Server Toolkit (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Integration Objects Equipment : OPC UA Server Toolkit Vulnerability : Improper Output Neutralization for Logs 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

Mitsubishi Electric FA Engineering Software Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...

Franklin Electric Fueling Systems Colibri

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Franklin Electric Fueling Systems Equipment : Colibri Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem (Update A)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

CISA and NSA Publish Joint Cybersecurity Advisory on Control System Defense

CISA and the National Security Agency NSA have published a joint cybersecurity advisory about control system defense for operational technology OT and industrial control systems ICSs. Control System Defense: Know the Opponent is intended to provide critical infrastructure owners and operators wit...

ICSJWG Spring 2022 Virtual Meeting

The Industrial Control Systems Joint Working Group ICSJWG will hold its Spring 2022 Virtual Meeting April 26–27. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchanges regarding critical issues...

ICS threat predictions for 2021

We present our vision of what challenges industrial cybersecurity will soon be or already is facing, and what to expect from cybercriminals in 2021. Random infections 1. Infections will tend to be less random or have non-random follow-ups, as cybercriminals have spent the past several years...

Schneider Electric Magelis HMI Panels

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Magelis HMI Panel Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...

GE PACSystems RX3i

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE/Emerson Equipment: PACSystems RX3i Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the system to change to halt-mode,...

TRITON Malware Targeting Critical Infrastructure Could Cause Physical Damage

Security researchers have uncovered another nasty piece of malware designed specifically to target industrial control systems ICS with a potential to cause health and life-threatening accidents. Dubbed Triton, also known as Trisis, the ICS malware has been designed to target Triconex Safety...