CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Zenitel Equipment: TCIV-3+ Vulnerabilities: OS Command Injection, Out-of-bounds Write, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in arbitrary code execution or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Emerson Equipment : Appleton UPSMON-PRO Vulnerability : Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 3. TECHNICAL DETAILS 3.1 …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION : Exploitable remotely Vendor : Opto 22 Equipment : GRV-EPIC-PR1, GRV-EPIC-PR2, groov RIO Vulnerability : Improper Neutralization of Special Elements used in an OS Command 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the execution of arbitrary shell commands with …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Low attack complexity Vendor : Automated Logic Equipment : WebCTRL Premium Server Vulnerabilities : Open Redirect, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to deceive a legitimate user into running malicious scripts or redirecting …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Festo SE & Co. KG Equipment : Didactic products Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the creation or overwriting of arbitrary files in the engineering system. 3. TECHNICAL …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Festo SE & Co. KG Equipment : MSE6-C2M/D2M/E2M Vulnerability : Hidden Functionality 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a complete loss of confidentiality, integrity, and availability. 3. TECHNICAL DETAILS 3.1 AFFECTED …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : iCam365 Equipment : P201 and QC021 Vulnerabilities : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized exposure of camera video streams and camera configuration data. 3. TECHNICAL DETAILS …
BOSCH PSIRT
11/19/2025
BOSCH-SA-085467-BT: MAP 5000 is affected by an OpenSSH vulnerability which is enabled in a backwards compatibility mode. It allows remote attackers to cause a denial-of-service (DoS) by crashing the panel.