All news with #sircom tag
Tue, November 25, 2025
SiRcom SMART Alert Missing Authentication Vulnerability
⚠️ SiRcom SMART Alert (SiSA) version 3.0.48 contains a Missing Authentication for Critical Function vulnerability that allows unauthenticated access to backend APIs and bypass of the login screen using browser developer tools. Assigned CVE-2025-13483, the issue has a CVSS v3.1 base score of 9.1 and a CVSS v4 base score of 8.8. Exploitation could enable remote activation or manipulation of emergency sirens, and CISA reports no vendor coordination; network isolation and secure remote access are recommended.
Tue, November 25, 2025
CISA Releases Seven Industrial Control Systems Advisories
🔔 CISA released seven new Industrial Control Systems advisories addressing vulnerabilities across multiple vendors and product families. The advisories cover Ashlar-Vellum, Rockwell Automation, Zenitel, Opto 22, Festo, SiRcom, and an update for Mitsubishi Electric FA engineering software. Administrators are urged to review technical details and apply recommended mitigations promptly.