Skip to content

CISA News

  • CISA Releases Nine Industrial Control Systems Advisories
    by CISA
    CISA released nine Industrial Control Systems (ICS) advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit ICSA-25-105-03 Siemens SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX ICSA-25-105-04 Growatt Cloud Applications ICSA-25-105-05 Lantronix Xport ICSA-25-105-06 National Instruments LabVIEW ICSA-25-105-07 […]
  • Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
    by CISA
    Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet vulnerabilities (CVE-2024-21762, CVE-2023-27997, and CVE-2022-42475) within FortiGate products. This malicious file could enable read-only access to files on the device's file system, which may include configurations. Fortinet has communicated directly with the account holders of customers identified as impacted by […]
  • CISA Releases Ten Industrial Control Systems Advisories
    by CISA
    CISA released ten Industrial Control Systems (ICS) advisories on April 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-100-01 Siemens License Server ICSA-25-100-02 Siemens SIDIS Prime ICSA-25-100-03 Siemens Solid Edge ICSA-25-100-04 Siemens Industrial Edge Devices ICSA-25-100-05 Siemens Insights Hub Private Cloud ICSA-25-100-06 Siemens SENTRON 7KT PAC1260 Data […]
  • CISA Adds Two Known Exploited Vulnerabilities to Catalog
    by CISA
    CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53197 Linux Kernel Out-of-Bounds Access Vulnerability CVE-2024-53150 Linux Kernel Out-of-Bounds Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]
  • CISA Adds Two Known Exploited Vulnerabilities to Catalog
    by CISA
    CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30406 Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability CVE-2025-29824 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the […]

Copyright © 2025 infosecintel.net