Skip to content

CISA News

  • CISA Adds Three Known Exploited Vulnerabilities to Catalog
    by CISA
    CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability CVE-2025-31201 Apple Multiple Products Arbitrary Read and Write Vulnerability CVE-2025-24054 Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to […]
  • CISA Releases Six Industrial Control Systems Advisories
    by CISA
    CISA released six Industrial Control Systems (ICS) advisories on April 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-107-01 Schneider Electric Trio Q Licensed Data Radio ICSA-25-107-02 Schneider Electric Sage Series ICSA-25-107-03 Schneider Electric ConneXium Network Manager ICSA-25-107-04 Yokogawa Recorder Products ICSA-24-326-04 Schneider Electric Modicon M340, MC80, […]
  • CISA Adds One Known Exploited Vulnerability to Catalog
    by CISA
    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-20035 SonicWall SMA100 Appliances OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […]
  • CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise
    by CISA
    CISA is aware of public reporting regarding potential unauthorized access to a legacy Oracle cloud environment. While the scope and impact remains unconfirmed, the nature of the reported activity presents potential risk to organizations and individuals, particularly where credential material may be exposed, reused across separate, unaffiliated systems, or embedded (i.e., hardcoded into scripts, applications, […]
  • CISA Releases Nine Industrial Control Systems Advisories
    by CISA
    CISA released nine Industrial Control Systems (ICS) advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit ICSA-25-105-03 Siemens SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX ICSA-25-105-04 Growatt Cloud Applications ICSA-25-105-05 Lantronix Xport ICSA-25-105-06 National Instruments LabVIEW ICSA-25-105-07 […]

Copyright © 2025 infosecintel.net