Author: Cyber and Coffee
-
Siemens Interniche IP-Stack
Multiple Industrial products are affected by a vulnerability in the Interniche IP-Stack. The affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of
-
National Instruments LabView
Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. The following versions of National Instruments LabView are affected: LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469) LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466, CVE-2025-64467, CVE-2025-64468, CVE-2025-64469) LabVIEW (CVE-2025-64461, CVE-2025-64462, CVE-2025-64463, CVE-2025-64464, CVE-2025-64465, CVE-2025-64466,
-
Schneider Electric EcoStruxure Foxboro DCS Advisor
Schneider Electric is aware of a vulnerability disclosed by Microsoft in the Microsoft Windows Server Update Services (WSUS) used in the EcoStruxure™ Foxboro DCS Advisor services. The EcoStruxure™ Foxboro DCS Advisor, an optional component of the [EcoStruxure™ Foxboro DCS system](https://www.se.com/ww/en/work/products/industrial-automation-control/foxboro-dcs/), facilitates remote connectivity and diagnostics by continuously monitoring key performance indicators (KPI)
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14733 WatchGuard Firebox Out-of-Bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of
-
CISA and Partners Release Update to Malware Analysis Report BRICKSTORM Backdoor
Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples. This update provides information on additional samples, including Rust-based samples. These samples demonstrate advanced persistence and
-
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition ICSA-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor ICSA-25-352-03 National Instruments LabView ICSA-25-352-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products ICSA-25-352-05 Siemens Interniche IP-Stack ICSA-25-352-06 Advantech WebAccess/SCADA ICSA-25-352-07
-
Güralp Systems Fortimus Series, Minimus Series, and Certimus Series
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. The following versions of Güralp Systems Fortimus Series, Minimus Series, and Certimus Series are affected: Fortimus Series (CVE-2025-14466) Minimus Series (CVE-2025-14466) Certimus Series (CVE-2025-14466) CVSS Vendor Equipment Vulnerabilities v3 5.3 Güralp Systems Güralp Systems Fortimus Series, Minimus Series,
-
Johnson Controls PowerG, IQPanel and IQHub
Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack. The following versions of Johnson Controls PowerG, IQPanel and IQHub are affected: PowerG (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740) IQHub (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740) IQPanel 2 (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740) IQPanel 2+ (CVE-2025-61738, CVE-2025-61739,
-
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-350-01 Güralp Systems FMUS (Fortimus) Series and MIN (Minimus) Series ICSA-25-350-02 Johnson Controls PowerG, IQPanel and IQHub ICSA-25-350-03 Hitachi Energy AFS, AFR and AFF Series ICSA-25-350-04 Mitsubishi Electric GT Designer3 ICSA-25-140-04 Mitsubishi Electric
-
Hitachi Energy AFS, AFR and AFF Series
Successful exploitation of this vulnerability could compromise the integrity of the product data and disrupt its availability. The following versions of Hitachi Energy AFS, AFR and AFF Series are affected: AFS 660-B/C/S (CVE-2024-3596) AFS 665-B/S (CVE-2024-3596) AFS 670 v2.0 (CVE-2024-3596) AFS 650 (CVE-2024-3596) AFS 655 (CVE-2024-3596) AFS 670 (CVE-2024-3596) AFS 675 (CVE-2024-3596)