ICS Archives • Page 2 of 3 • Daily CyberSecurity

Rockwell Arena Simulation Flaw: Remote Code Execution Via Malicious DOE Files

Rockwell Arena Simulation Flaw: Remote Code Execution Via Malicious DOE Files

Do Son July 12, 2025

Rockwell Automation has issued a security advisory detailing two vulnerabilities affecting its Arena Simulation software. Disclosed by...

CISA Warns of Critical Flaws in Emerson ValveLink Software: Exploits Could Lead to Code Execution and Data Exposure Emerson ValveLink, Critical Vulnerabilities

Emerson ValveLink, Critical Vulnerabilities

CISA Warns of Critical Flaws in Emerson ValveLink Software: Exploits Could Lead to Code Execution and Data Exposure

Do Son July 10, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security advisory highlighting multiple critical vulnerabilities...

Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks Siemens SIVaaS CVE-2025-40804 CVE-2022-43400 & CVE-2024-41798 Siemens SINEC NMS, Critical Vulnerabilities

Siemens SIVaaS CVE-2025-40804 CVE-2022-43400 & CVE-2024-41798 Siemens SINEC NMS, Critical Vulnerabilities

Critical Flaws Found in Siemens SINEC NMS: Privilege Escalation and Remote Code Execution Risks

Do Son July 9, 2025

iemens has released a critical security advisory detailing multiple high-severity vulnerabilities affecting SINEC NMS, its flagship network...

Critical Frauscher Flaws (CVE-2025-3626 CVSS 9.1, CVE-2025-3705 CVSS 6.8): OS Command Injection Threatens Railway Systems

Do Son July 8, 2025

A newly published security advisory coordinated by CERT@VDE and Frauscher Sensortechnik GmbH reveals two severe OS command...

CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover WAGO Device Sphere, Critical Vulnerability

WAGO Device Sphere, Critical Vulnerability

CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover

Do Son July 8, 2025

A coordinated disclosure by CERT@VDE and WAGO has unveiled a devastating vulnerability—CVE-2025-41672—impacting WAGO’s industrial automation platform Device...

Power Grid ICS Are Exposed — What Does This Mean for Critical Infrastructure? Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Power Grid ICS Are Exposed — What Does This Mean for Critical Infrastructure?

Do Son July 3, 2025

Before 2010, Industrial Control Systems (ICS) mostly operated within isolated Operational Technology (OT) networks and received little...

Pro-Russian Hacktivists Escalate 2025 Cyber Offensive: Targeting Western Critical Infrastructure & ICS Pro-Russian Hacktivism, Critical Infrastructure Attacks

Pro-Russian Hacktivism, Critical Infrastructure Attacks

Pro-Russian Hacktivists Escalate 2025 Cyber Offensive: Targeting Western Critical Infrastructure & ICS

Do Son July 3, 2025

The cybercrime landscape in 2025 has been dramatically reshaped by the geopolitical upheaval stemming from the Russia-Ukraine...

Pilz IndustrialPI 4 Alert: Critical Flaws (CVE-2025-41656 CVSS 10.0 RCE, CVE-2025-41648 Auth Bypass) Expose Industrial PCs Pilz IndustrialPI, Critical Vulnerabilities

Pilz IndustrialPI, Critical Vulnerabilities

Pilz IndustrialPI 4 Alert: Critical Flaws (CVE-2025-41656 CVSS 10.0 RCE, CVE-2025-41648 Auth Bypass) Expose Industrial PCs

Do Son July 2, 2025

Two critical vulnerabilities recently disclosed by CERT@VDE, in coordination with industrial automation company Pilz, highlight a sobering...

Iranian Cyber Actors May Target U.S. Networks and Critical Infrastructure, Warn U.S. Agencies Iran Cyber Threat, US Critical Infrastructure

Iranian Cyber Actors May Target U.S. Networks and Critical Infrastructure, Warn U.S. Agencies

Do Son July 1, 2025

A joint alert issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI),...

Mitsubishi Electric Air Conditioning Systems Vulnerable to Remote Authentication Bypass (CVSS 9.8) Mitsubishi Electric, Critical Vulnerability

Mitsubishi Electric, Critical Vulnerability

Mitsubishi Electric Air Conditioning Systems Vulnerable to Remote Authentication Bypass (CVSS 9.8)

Do Son June 27, 2025

A newly disclosed critical vulnerability—CVE-2025-3699—affecting a wide range of Mitsubishi Electric air conditioning system models has raised...

CISA Warns of Critical Flaws in ControlID iDSecure Vehicle Control Software ControlID iDSecure, Access Control Vulnerabilities

CISA Warns of Critical Flaws in ControlID iDSecure Vehicle Control Software

Do Son June 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk advisory on three newly discovered vulnerabilities...

Flaws Found in Hitachi Energy’s MicroSCADA X SYS600: CVEs Could Enable File Tampering, DoS, and MITM Attacks

Do Son June 25, 2025

Hitachi Energy has released a cybersecurity advisory (8DBD000218) disclosing five newly discovered vulnerabilities affecting its MicroSCADA X...

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases Advantech ICS, Critical Vulnerabilities

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

Do Son June 25, 2025

The Phantom The Cyber Security Agency (CSA) of Singapore has issued an urgent security advisory highlighting multiple...

CISA Warning: Critical Flaw (CVE-2025-5310) Exposes Fueling Station Devices Fuel Infrastructure, Critical Vulnerability

CISA Warning: Critical Flaw (CVE-2025-5310) Exposes Fueling Station Devices

Do Son June 20, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security advisory warning fuel infrastructure...

WAGO Device Manager Vulnerabilities Expose Critical Industrial Infrastructure to Remote Exploits

Do Son June 18, 2025

German industrial automation manufacturer WAGO GmbH & Co. KG has released critical security updates for its WAGO...

CVE-2024-9404: Remote DoS Vulnerability Found in Moxa Industrial Switches Moxa Switches, DoS Vulnerability

CVE-2024-9404: Remote DoS Vulnerability Found in Moxa Industrial Switches

Do Son June 13, 2025

Moxa has issued a high-severity security advisory for a newly discovered vulnerability—CVE-2024-9404—that affects its widely deployed PT-G7728...

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access! Weidmueller, Critical Vulnerabilities

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Do Son June 12, 2025

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the...

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data! Siemens Energy, Critical Vulnerability CVE-2025-40585

Siemens Energy, Critical Vulnerability CVE-2025-40585

Urgent Siemens Energy Alert: Critical Flaw (CVSS 9.9) in Private 5G Core Exposes Sensitive Data!

Do Son June 12, 2025

Siemens has issued a critical security advisory regarding its Energy Services platform—formerly known as Managed Applications and...

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems RevPi Webstatus, Authentication Bypass

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems

Do Son June 10, 2025

KUNBUS has issued a critical security advisory for its RevPi Webstatus application following the discovery of an...

CISA Warns of Critical Unauthenticated Access Vulnerability in Instantel Micromate Devices Instantel Micromate, Critical Vulnerability

CISA Warns of Critical Unauthenticated Access Vulnerability in Instantel Micromate Devices

Do Son June 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning users of a critical...

Critical Alert 2 Active Exploits Detected Today