< ciso
brief />
Tag Banner

All news with #ot security tag

351 articles · page 12 of 18

CISA Releases Seven Industrial Control Systems Advisories

🔔 CISA released seven new Industrial Control Systems advisories addressing vulnerabilities across multiple vendors and product families. The advisories cover Ashlar-Vellum, Rockwell Automation, Zenitel, Opto 22, Festo, SiRcom, and an update for Mitsubishi Electric FA engineering software. Administrators are urged to review technical details and apply recommended mitigations promptly.
read more →

Zenitel TCIV-3+ Multiple Remote Code Execution Flaws

⚠️ Zenitel has disclosed multiple high‑severity vulnerabilities in the TCIV-3+ intercom device, including three OS command injection flaws, an out‑of‑bounds write, and a reflected XSS. The issues (CVE-2025-64126 through CVE-2025-64130) carry high CVSS ratings — several are scored CVSS v4 10.0 — and can be exploited remotely with low complexity. Zenitel advises upgrading to version 9.3.3.0 or later; CISA recommends isolating devices, minimizing Internet exposure, and applying defensive controls until patches are deployed.
read more →

Festo MSE6 Devices: Hidden Test-Mode Vulnerability

⚠️ Festo disclosed a hidden test‑mode vulnerability in the MSE6 product family that could be abused by a remote, authenticated low‑privileged attacker. The issue, tracked as CVE-2023-3634, carries a CVSS v3.1 score of 8.8 and may permit complete loss of confidentiality, integrity, and availability. Festo plans documentation updates in the next product release; CISA recommends isolating devices, minimizing network exposure, and using firewalls and secured VPNs as mitigations.
read more →

Opto 22 GRV-EPIC and groov RIO: Remote RCE Vulnerability

⚠️ A remotely exploitable OS command injection in the Opto 22 Groov Manage REST API allows attackers with administrative credentials to inject shell commands that execute as root on affected GRV-EPIC and groov RIO devices. The issue is tracked as CVE-2025-13087 and carries a CVSS v4 base score of 7.5. Opto 22 has released firmware 4.0.3 to address the flaw; users should apply the update promptly. CISA also recommends isolating control networks, minimizing Internet exposure, and monitoring API and system logs for suspicious activity.
read more →

Emerson Appleton UPSMON-PRO Stack Overflow, RCE

Emerson's Appleton UPSMON-PRO contains a stack-based buffer overflow that can be triggered remotely via UDP port 2601. A crafted UDP packet can overwrite stack memory and enable arbitrary code execution with SYSTEM privileges if UPSMONProService traffic is not validated; the issue is tracked as CVE-2024-3871 and carries high severity (CVSS v3.1 9.8; CVSS v4 9.3). Affected versions are 2.6 and earlier; Emerson lists the product as End of Life, and CISA advises replacing unsupported units or applying mitigations such as blocking UDP 2601, isolating monitoring networks, filtering oversized packets, and monitoring for service crashes.
read more →

CISA Issues Six New Industrial Control Systems Advisories

⚠️ CISA released six Industrial Control Systems (ICS) Advisories on 20 November 2025 to inform operators and administrators about current security issues, vulnerabilities, and potential exploits affecting ICS products. The advisories cover affected products including Automated Logic WebCTRL Premium Server, ICAM365 CCTV camera models, Opto 22 GRV‑EPIC/GRV‑RIO, Festo MSE6 and Festo Didactic lines, and Emerson Appleton UPSMON‑PRO. Administrators are encouraged to review each advisory for technical details and mitigations and to apply vendor guidance promptly to reduce operational and safety risk.
read more →

Festo Didactic: TIA Portal Path Traversal Vulnerability

🔒 Festo reported a path traversal vulnerability in Siemens TIA Portal (V15–V18) as deployed on Festo Didactic hardware. Tracked as CVE-2023-26293 with a CVSS v3.1 base score of 7.8, the flaw can allow creation or overwriting of arbitrary files and could lead to arbitrary code execution if a user opens a crafted project file. The issue requires user interaction and is not remotely exploitable; Festo and CISA recommend applying Siemens updates and following standard protections against malicious files and social engineering.
read more →

Automated Logic WebCTRL: Open Redirect and XSS Fix

🔒 Automated Logic's WebCTRL servers and related products are affected by an open redirect (CVE-2024-8527) and a reflected XSS vulnerability (CVE-2024-8528) impacting versions 6.1, 7.0, 8.0, and 8.5. The open redirect carries high severity (CVSS v3.1 9.3; v4 8.6) while the XSS stems from an unsanitized "wbs" GET parameter (CVSS v3.1 7.5; v4 5.4). Automated Logic reports remediation in WebCTRL 9.0 and advises upgrades; CISA recommends minimizing device exposure, using firewalls and secure remote access, and following anti-phishing best practices. CISA notes no known public exploitation and states the vulnerabilities are not remotely exploitable as described.
read more →

CISA Urges Critical Infrastructure to Be Air Aware

🛡️ CISA urges critical infrastructure owners and operators to adopt a year‑round approach to managing risks from unmanned aircraft systems (UAS) and highlights its Be Air Aware(TM) campaign. The agency released three new guidance products including Suspicious Unmanned Aircraft System Activity Guidance, Safe Handling Considerations for Downed UAS, and UAS Detection Technology Guidance. CISA also offers regional assessments, exercise design, temporary flight restriction coordination for high‑risk events, and bombing prevention assistance to help organizations detect, mitigate, and respond to UAS incidents.
read more →

CISA Releases Guides to Safeguard Infrastructure from UAS

🛡️ CISA released three new Be Air Aware™ guides to help critical infrastructure owners and operators identify and mitigate risks posed by unmanned aircraft systems (UAS). The publications include Unmanned Aircraft System Detection Technology Guidance for Critical Infrastructure, Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators, and Safe Handling Considerations for Downed Unmanned Aircraft Systems. Developed with government and industry partners, the guides provide practical options to integrate UAS threats into existing security and emergency response plans. CISA encourages organizations to adopt the recommendations to strengthen resilience and align with related directives.
read more →

Energy Sector Targeted by Hackers: Risks, AI & Cooperation

🔒 The energy sector faces a high and growing cyber threat, with attackers targeting OT systems, grid sensors and IoT endpoints to create cascading societal impacts. Critical vulnerabilities — notably in Siemens products — and increasing IT‑OT coupling widen the attack surface. The article stresses the need for end-to-end visibility, AI-driven early warning and anomaly detection, and stronger international cooperation, including NIS 2-aligned practices and active CERT coordination to build resilience.
read more →

CISA Issues Six New Industrial Control Systems Advisories

🔔 CISA released six Industrial Control Systems (ICS) advisories detailing current security issues, vulnerabilities, and potential exploits affecting multiple vendors and products. The advisories cover Schneider Electric products (including EcoStruxure Machine SCADA Expert, Pro-face BLUE Open Studio, and PowerChute Serial Shutdown), Shelly Pro devices, and METZ CONNECT hardware. One advisory is an update (B) to a prior Schneider Electric notice. Users and administrators are encouraged to review the technical details and apply recommended mitigations promptly.
read more →

Shelly Pro 4PM DoS Vulnerability (CVE-2025-11243)

⚠ A vulnerability in Shelly Pro 4PM (CVE-2025-11243) can cause device reboots and denial-of-service conditions. Due to insufficient input bounds checking in the device's JSON parser, specially crafted RPC requests can trigger memory overallocation and force a reboot. Devices running firmware prior to v1.6 are affected; CISA notes the exploit is reachable from adjacent networks with low attack complexity. Operators should update to v1.6.0 or later and limit network exposure.
read more →

Rockwell Automation Verve Asset Manager Access Control Flaw

🔒 Rockwell Automation disclosed an Incorrect Authorization vulnerability in Verve Asset Manager that allows unauthorized read‑only users to read, update, and delete user accounts via the product API. The issue is tracked as CVE-2025-11862 and CISA reports a CVSS v4 base score of 8.4, noting remote exploitability and low attack complexity. Affected releases include versions 1.33 through 1.41.3; Rockwell fixed the flaw in 1.41.4 and 1.42. Administrators should prioritize updates and apply network mitigations to limit exposure.
read more →

Rockwell Automation FactoryTalk DataMosaix Vulnerabilities

🔒 Rockwell Automation disclosed multiple vulnerabilities in FactoryTalk DataMosaix Private Cloud that can enable MFA bypass and persistent cross-site scripting. The issues, tracked as CVE-2025-11084 and CVE-2025-11085, affect 7.11 and selected 8.x releases and carry CVSS v4 scores up to 8.6, indicating high severity. Rockwell has released patches and CISA advises applying updates, minimizing network exposure, and isolating control networks to reduce remote exploitation risk.
read more →

Siemens Solid Edge: Improper Certificate Validation

⚠️ Siemens disclosed an improper certificate validation vulnerability in Solid Edge SE2025 that could enable unauthenticated remote man-in-the-middle attacks against the product's license service connections. The issue is tracked as CVE-2025-40744 and carries a CVSS v3.1 base score of 7.5 and a CVSS v4 base score of 8.7, indicating high impact and low attack complexity. Siemens recommends updating to V225.0 Update 11 or later and restricting network access to licensing endpoints; CISA also advises network segmentation, use of secure remote access, and standard anti-phishing protections. No known public exploitation targeting this vulnerability has been reported.
read more →

Siemens Spectrum Power 4 Vulnerabilities and Patches

🔒 Siemens disclosed multiple vulnerabilities in Spectrum Power 4 that allow privilege escalation and remote command execution in affected versions prior to V4.70 SP12 Update 2. Several issues carry high severity ratings (CVSS v4 up to 8.7) and include weaknesses such as incorrect privilege and permission assignments (CWE-266, CWE-732), incorrect use of privileged APIs (CWE-648), and inclusion of untrusted control-sphere functionality (CWE-829). Siemens recommends updating to V4.70 SP12 Update 2 and limiting network exposure; CISA reiterates defensive best practices.
read more →

Rockwell FactoryTalk Policy Manager DoS Vulnerability

⚠ Rockwell Automation reported a remotely exploitable vulnerability (CVE-2024-22019) in FactoryTalk Policy Manager that can lead to resource exhaustion and denial of service. The issue stems from Node.js HTTP handling of chunked transfer encoding (CWE-404) that permits unbounded reads from a single connection. Affected releases include Version 6.51.00 and earlier; Rockwell corrected the issue in Version 6.60.00. CISA assigns a high severity rating (CVSS v4 8.7) and recommends upgrading, minimizing network exposure, and isolating control networks behind firewalls.
read more →

AVEVA Application Server IDE Cross-Site Scripting Risk

⚠ AVEVA reported a basic cross-site scripting vulnerability (CVE-2025-8386) in the Application Server IDE affecting versions 2023 R2 SP1 P02 and earlier. An authenticated user with the aaConfigTools privilege can modify App Objects' help files to persist XSS that may execute in other users' sessions, potentially enabling horizontal or vertical privilege escalation. AVEVA provides a fix in System Platform 2023 R2 SP1 P03; CISA advises auditing permissions, minimizing network exposure, and using secure remote access methods.
read more →

Critical Flaws in General Industrial Controls Lynx+ Gateway

⚠️ CISA reports multiple high-severity vulnerabilities affecting General Industrial Controls Lynx+ Gateway, including weak password requirements, missing authentication for critical functions, and cleartext transmission of sensitive data. These issues carry CVSS v4 scores up to 9.2 and permit remote exploitation with low attack complexity, potentially enabling unauthorized access, device resets, information disclosure, or denial-of-service. Affected firmware versions include R08, V03, V05, and V18; the findings were disclosed in November 2025. CISA recommends minimizing network exposure, isolating control devices behind firewalls, and using secure remote access methods such as updated VPNs while coordinating with the vendor.
read more →