CISA (ICS)
09/04/2025
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Honeywell Equipment : OneWireless Wireless Device Manager (WDM) Vulnerabilities : Improper Restriction of Operations within the Bounds of a Memory Buffer, Sensitive Information in Resource Not Removed Before Reuse, Integer Underflow (Wrap or Wraparound), Deployment of …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : FRENIC-Loader 4 Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Fuji …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION : Exploitable from an adjacent network/low attack complexity Vendor : SunPower Equipment : PVS6 Vulnerability : Use of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, …
CISA (ICS)
09/02/2025
1. EXECUTIVE SUMMARY CVSS v4 6.7 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : EIP Builder Vulnerability : Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to potentially process dangerous external entities, resulting in disclosure of …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-F Series CPU module Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read or write the device values of …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : GE Vernova Equipment : CIMPLICITY Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 Vulnerability : Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on affected installations of the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The …
CISA (ICS)
08/28/2025
1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION : Low Attack Complexity Vendor : Schneider Electric Equipment : Saitel DR RTU, Saitel DP RTU Vulnerability : Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges, potentially leading to arbitrary code execution. …