< ciso
brief />
Tag Banner

All news with #ics security tag

143 articles · page 8 of 8

CISA Publishes Nine ICS Advisories on August 28, 2025

🔔 On August 28, 2025, CISA released nine Industrial Control Systems (ICS) advisories that detail vulnerabilities, impacts, and recommended mitigations for multiple vendors and product families. The advisories cover Mitsubishi Electric, Schneider Electric, Delta Electronics, GE Vernova, and Hitachi Energy, and include several updates to prior notices. Operators and administrators are encouraged to review each advisory for affected versions, vendor patches, and configuration mitigations, and to prioritize remediation and monitoring to reduce operational risk.
read more →

Schneider Electric Saitel RTU Privilege Escalation Advisory

⚠ Schneider Electric disclosed an improper privilege management vulnerability (CVE-2025-8453, CVSS 6.7) affecting Saitel DR and Saitel DP Remote Terminal Units that could allow an authenticated privileged engineer with console access to escalate privileges and potentially execute arbitrary code. Schneider released HUe firmware 11.06.30 for Saitel DR to remediate the issue; a remediation plan for Saitel DP is pending. CISA notes the vulnerability is not remotely exploitable and recommends limiting physical and console access, enforcing root ownership and restrictive permissions on configuration files, and following ICS defensive guidance.
read more →

CISA Issues Four New Industrial Control Systems Advisories

🛡️ CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025, highlighting vulnerabilities and potential exploits that could affect operational technology environments. The advisories—ICSA-25-231-01 (Siemens Desigo CC Product Family and SENTRON Powermanager), ICSA-25-231-02 (Siemens Mendix SAML Module), ICSA-25-217-02 (Tigo Energy Cloud Connect Advanced, Update A), and ICSA-25-219-07 (EG4 Electronics EG4 Inverters, Update A)—include technical details and recommended mitigations. Users and administrators are urged to review the advisories and apply vendor guidance and mitigations promptly to reduce exposure.
read more →