SIEMENS CERT
09/09/2025
Siemens’ User Management Component (UMC) is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. Siemens has released a new version for User Management Component (UMC) and recommends to update to the latest version. Siemens recommends …
SIEMENS CERT
09/09/2025
Siemens SINAMICS G220, SINAMICS S210, and SINAMICS S200 contains a privilege escalation vulnerability that could allow users to escalate their privileges. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where …
CISA (ICS)
09/04/2025
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Honeywell Equipment : OneWireless Wireless Device Manager (WDM) Vulnerabilities : Improper Restriction of Operations within the Bounds of a Memory Buffer, Sensitive Information in Resource Not Removed Before Reuse, Integer Underflow (Wrap or Wraparound), Deployment of …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : FRENIC-Loader 4 Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Fuji …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION : Exploitable from an adjacent network/low attack complexity Vendor : SunPower Equipment : PVS6 Vulnerability : Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 6.7 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : EIP Builder Vulnerability : Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to potentially process dangerous external entities, resulting in disclosure of …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : GE Vernova Equipment : CIMPLICITY Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION : Low Attack Complexity Vendor : Schneider Electric Equipment : Saitel DR RTU, Saitel DP RTU Vulnerability : Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges, potentially leading to arbitrary code execution. …