Tag archive for Cisa

CISA Releases Twenty Industrial Control Systems Advisories

CISA released twenty Industrial Control Systems (ICS) advisories on February 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-044-01 Siemens SIMATIC S7-1200 CPU Family ICSA-25-044-02 Siemens SIMATIC ICSA-25-044-03 Siemens SIPROTEC 5 ICSA-25-044-04 Siemens SIPROTEC 5 ICSA-25-044-05 Siemens…

Continue reading →

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on February 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-17 2N Access Commander (Update A) ICSA-25-037-04 Trimble Cityworks (Update A) CISA encourages users and administrators to review newly…

Continue reading →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD)…

Continue reading →

Trimble Releases Security Updates to Address a Vulnerability in Cityworks Software

CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability (CVE-2025-0994) discovered by Trimble impacting its Cityworks Server AMS (Asset Management System). Trimble has released security updates and an advisory addressing a recently discovered deserialization vulnerability enabling an external…

Continue reading →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive…

Continue reading →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-11023 JQuery Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…

Continue reading →

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA released a fact sheet, Contec CMS8000 Contains a Backdoor, detailing an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health (HPH) sector. Analysts discovered that an embedded backdoor function with a hard-coded…

Continue reading →

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25-030-02 New Rock Technologies Cloud Connected Devices ICSA-25-030-03 Schneider Electric System Monitor Application in Harmony…

Continue reading →

Page 1 of 58 1 2 3 4 5 ... Last →