Aggregator

You must login to view this content

CISA released twenty-two Industrial Control Systems (ICS) advisories on May 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-135-01 Siemens RUGGEDCOM APE1808 Devices
• ICSA-25-135-02 Siemens INTRALOG WMS
• ICSA-25-135-03 Siemens BACnet ATEC Devices
• ICSA-25-135-04 Siemens Desigo
• ICSA-25-135-05 Siemens SIPROTEC and SICAM
• ICSA-25-135-06 Siemens Teamcenter Visualization
• ICSA-25-135-07 Siemens IPC RS-828A
• ICSA-25-135-08 Siemens VersiCharge AC Series EV Chargers
• ICSA-25-135-09 Siemens User Management Component (UMC)
• ICSA-25-135-10 Siemens OZW Web Servers
• ICSA-25-135-11 Siemens Polarion
• ICSA-25-135-12 Siemens SIMATIC PCS neo
• ICSA-25-135-13 Siemens SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems
• ICSA-25-135-14 Siemens APOGEE PXC and TALON TC Series
• ICSA-25-135-15 Siemens Mendix OIDC SSOICSA-25-135-16 Siemens MS/TP Point Pickup Module
• ICSA-25-135-16 Siemens MS/TP Point Pickup Module
• ICSA-25-135-17 Siemens RUGGEDCOM ROX II
• ICSA-25-135-18 Siemens SCALANCE LPE9403
• ICSA-25-135-19 ECOVACS DEEBOT Vacuum and Base Station
• ICSA-25-135-20 Schneider Electric EcoStruxure Power Build Rapsody
   
• ICSA-24-135-04 Mitsubishi Electric Multiple FA Engineering Software Products (Update C)
• ICSA-24-200-01 Mitsubishi Electric MELSOFT MaiLab and MELSOFT VIXIO (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Updated June 5, 2025

CISA is continually collaborating with partners across government and the private sector. Through this collaboration, CISA learned that CVE-2025-4664 has not been exploited and there is insufficient evidence to keep this CVE on the KEV and that the best course of action is to remove it. CISA is committed to continued collaboration with partners.

End of Update

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. 

• CVE-2024-12987 DrayTek Vigor Routers OS Command Injection Vulnerability
• CVE-2025-4664 Google Chromium Loader Insufficient Policy Enforcement Vulnerability
• CVE-2025-42999 SAP NetWeaver Deserialization Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. 

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. 

The benefits of cybercrime aren't all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses.

The post Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures appeared first on CyberScoop.