CISA (ICS)
09/09/2025
1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: FactoryTalk Optix Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker achieving remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of FactoryTalk Optix, a scalable, …
CISA (ICS)
09/09/2025
1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : 1783-NATR Vulnerability : Use of Platform-Dependent Third Party Components 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a memory corruption on the product. 3. TECHNICAL DETAILS …
CISA (ICS)
09/09/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable from an adjacent network/low attack complexity Vendor : Rockwell Automation Equipment : Analytics LogixAI Vulnerability : Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive …
SIEMENS CERT
09/09/2025
Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where …
SIEMENS CERT
09/09/2025
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
09/09/2025
The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only during setup and installation phase of the …
SIEMENS CERT
09/09/2025
WIBU Systems published information about a privilege escalation vulnerability under a certain circumstances and associated fix releases of CodeMeter Runtime, a product provided by WIBU Systems and used in several Siemens industrial products. Siemens has released new versions for affected products and recommends to update to the latest versions. Siemens …
SIEMENS CERT
09/09/2025
SIMATIC Virtualization as a Service (SIVaaS) is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization. Siemens recommends to contact technical support to fix the vulnerability.