CISA (ICS)
11/13/2025
1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: General Industrial Controls Equipment: Lynx+ Gateway Vulnerabilities: Weak Password Requirements, Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in obtaining sensitive device information, unauthorized access, or …
SIEMENS CERT
11/11/2025
Altair Grid Engine contain multiple vulnerabilities that could allow an attacker to escalate privileges and execute arbitrary code with superuser permissions. Siemens has released a new version for Altair Grid Engine and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
11/11/2025
Spectrum Power 4 before v4.70 SP12 Security Patch 2 contains multiple vulnerabilities that could allow an attacker to remotely execute code as application administrator or locally execute code as operating system administrator. Siemens has released a new version for Spectrum Power 4 and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
SICAM GridEdge contains an improper access control vulnerability. This could allow persons with local access to the host system to inject an SSH key. Siemens has released a new version for SICAM GridEdge (Classic) and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
LOGO! 8 BM (incl. SIPLUS variants) contains multiple vulnerabilities. These could allow an attacker to execute code remotely, put the device into a denial of service state, or change the behavior of the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or …
SIEMENS CERT
11/11/2025
COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version.
SIEMENS CERT
11/11/2025
Multiple vulnerabilities were identified in the web server of the SICAM GridEdge application which includes missing authentication for critical API functions, absent cross-origin resource sharing restrictions and access to credentials. Siemens has released a new version for SICAM GridEdge (Classic) and recommends to update to the latest version.