CISA (ICS)
09/18/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Dover Fueling Solutions Equipment: ProGauge MagLink LX4, ProGauge MagLink LX4 Plus, ProGauge MagLink LX4 Ultimate Vulnerabilities: Integer Overflow or Wraparound, Use of Hard-coded Cryptographic Key, Use of Weak Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could …
CISA (ICS)
09/18/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : Service Suite Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to compromise Oracle WebLogic Server, resulting in potential impacts on confidentiality, integrity, and …
CISA (ICS)
09/18/2025
1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Cognex Equipment : In-Sight Explorer, In-Sight Camera Firmware Vulnerabilities : Use of Hard-coded Password, Cleartext Transmission of Sensitive Information, Incorrect Default Permissions, Improper Restriction of Excessive Authentication Attempts, Incorrect Permission Assignment for Critical Resource, Authentication Bypass …
CISA (ICS)
09/18/2025
1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely Vendor : Westermo Network Technologies Equipment : WeOS 5 Vulnerability : Improper Validation of Syntactic Correctness of Input 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the device to reboot. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Westermo reports …
CISA (ICS)
09/16/2025
1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : Altivar products, ATVdPAC module, ILC992 InterLink Converter Vulnerability : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to …
CISA (ICS)
09/16/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 …
CISA (ICS)
09/16/2025
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 …
CISA (ICS)
09/16/2025
1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : DIALink Vulnerabilities : Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Delta Electronics …