CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION : Low attack complexity Vendor : OpenPLC_V3 Equipment : OpenPLC_V3 Vulnerability : Reliance on Undefined, Unspecified, or Implementation-Defined Behavior 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of service, making the PLC runtime process crash. 3. TECHNICAL DETAILS 3.1 …
CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Festo Equipment : Controller CECC-S,-LK,-D Family Firmware Vulnerabilities : Exposure of Resource to Wrong Sphere, Untrusted Pointer Dereference, NULL Pointer Dereference, Files or Directories Accessible to External Parties, Out-of-bounds Write, Improper Privilege Management, Incorrect Permission Assignment …
CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Festo Equipment : CPX-CEC-C1 and CPX-CMXX Vulnerability : Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated, remote access to critical webpage functions which may cause a denial of service. 3. …
CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/Low attack complexity Vendor : LG Innotek Equipment : Camera Models LND7210 and LNV7210R Vulnerability : Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to …
CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : National Instruments Equipment : Circuit Design Suite Vulnerabilities : Type Confusion, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption, potentially leading to information disclosure and execution of …
CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Festo Equipment : SBRD-Q/SBOC-Q/SBOI-Q Vulnerabilities : Incorrect Conversion between Numeric Types, Out-of-bounds Read, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow the attacker to read arbitrary data or cause a denial-of-service condition. …
CISA (ICS)
09/30/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Megasys Enterprises Equipment : Telenium Online Web Application Vulnerability : OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to inject arbitrary operating system commands through a crafted HTTP …
CISA (ICS)
09/25/2025
1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dingtian Equipment : DT-R002 Vulnerabilities : Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve credentials without authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of …