CISA (ICS)
09/09/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Activation Manager Vulnerability: Incorrect Implementation of Authentication Algorithm 2. RISK EVALUATION Successful exploitation of this vulnerability could result in in data exposure, session hijacking, or full communication compromise. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS …
SIEMENS CERT
09/09/2025
SIMATIC Virtualization as a Service (SIVaaS) is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization. Siemens recommends to contact technical support to fix the vulnerability.
SIEMENS CERT
09/09/2025
Apogee PXC and Talon TC contain a vulnerability that could allow an attacker to download the device encrypted database file. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
09/09/2025
Several tools for the SIMOTION system are affected by a local privilege escalation vulnerability. This could allow an attacker to execute arbitrary code with SYSTEM privileges when a legitimate user installs an application that uses the affected setup component. This vulnerability poses a risk only during setup and installation phase …
SIEMENS CERT
09/09/2025
Fortinet has published information on vulnerabilities in FortiOS. This advisory lists the related Siemens Industrial products. Siemens is preparing fix versions and recommends to consult and implement the workarounds provided in Fortinet’s upstream security notifications.
SIEMENS CERT
09/09/2025
Siemens’ User Management Component (UMC) is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. Siemens has released a new version for User Management Component (UMC) and recommends to update to the latest version. Siemens recommends …
SIEMENS CERT
09/09/2025
SINEC OS is affected by multiple vulnerabilities due to open UDP ports, which could allow an attacker to access non-sensitive information without authentication or potentially cause temporary denial of service. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
09/09/2025
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.