Category: CISA Alerts

 ​CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

CVE-2025-48927 TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
CVE-2025-48928 TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. 

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.  

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: FESTO, FESTO Didactic
Equipment: CIROS Studio / Education, Automation Suite, FluidDraw, FluidSIM, MES-PC
Vulnerability: Out-of-bounds Write

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain full control of the host system, including remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
FESTO, FESTO Didactic reports that the following products are affected:

FESTO Didactic CIROS Studio / Education: 6.0.0 – 6.4.6
FESTO Didactic CIROS Studio / Education: 7.0.0 – 7.1.7
FESTO Festo Automation Suite: <= 2.6.0.481
FESTO FluidDraw: P6 <= 6.2k
FESTO FluidDraw: 365 <= 7.0a
FESTO Didactic FluidSIM: 5 all versions
FESTO Didactic FluidSIM: 6 <= 6.1c
FESTO Didactic MES-PC: shipped before December 2023

3.2 VULNERABILITY OVERVIEW
3.2.1 OUT-OF-BOUNDS WRITE CWE-787
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
CVE-2023-3935 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.3 PRODUCT IMPACT
Product-specific impact for an affected product vulnerable to the CVE:

CVE-2023-3935
(FESTO FluidDraw; FESTO FluidDraw; FESTO Festo Automation Suite): A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.4 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Germany

3.5 RESEARCHER
CERT@VDE coordinated with and supported Festo in the publication of FSA-202305.
4. MITIGATIONS
FESTO, FESTO Didactic have identified the following specific workarounds and mitigations users can apply to reduce risk:

FESTO Didactic CIROS Studio / Education 6.0.0 – 6.4.6, FESTO Didactic FluidSIM 5 all versions, FESTO Didactic FluidSIM 6 <= 6.1c, FESTO Didactic CIROS Studio / Education 7.0.0 – 7.1.7, FESTO Didactic MES-PC shipped before December 2023: Update CodeMeter Runtime to version >= 7.60c The latest version of CodeMeter Runtime can be downloaded from WIBU System’s web site.
FESTO Festo Automation Suite <= 2.6.0.481: Planned Fix in Summer Release 2024
FESTO FluidDraw P6 <= 6.2k, FESTO FluidDraw 365 <= 7.0a: Update to the latest version.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.
5. UPDATE HISTORY

July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202305 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v3 9.8
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: FESTO, FESTO Didactic
• Equipment: CIROS Studio / Education, Automation Suite, FluidDraw, FluidSIM, MES-PC
• Vulnerability: Out-of-bounds Write

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to gain full control of the host system, including remote code execution.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

FESTO, FESTO Didactic reports that the following products are affected:

• FESTO Didactic CIROS Studio / Education: 6.0.0 – 6.4.6
• FESTO Didactic CIROS Studio / Education: 7.0.0 – 7.1.7
• FESTO Festo Automation Suite: <= 2.6.0.481
• FESTO FluidDraw: P6 <= 6.2k
• FESTO FluidDraw: 365 <= 7.0a
• FESTO Didactic FluidSIM: 5 all versions
• FESTO Didactic FluidSIM: 6 <= 6.1c
• FESTO Didactic MES-PC: shipped before December 2023

3.2 VULNERABILITY OVERVIEW

3.2.1 OUT-OF-BOUNDS WRITE CWE-787

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.

CVE-2023-3935 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.3 PRODUCT IMPACT

Product-specific impact for an affected product vulnerable to the CVE:

• CVE-2023-3935
• (FESTO FluidDraw; FESTO FluidDraw; FESTO Festo Automation Suite): A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.4 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Germany

3.5 RESEARCHER

CERT@VDE coordinated with and supported Festo in the publication of FSA-202305.

4. MITIGATIONS

FESTO, FESTO Didactic have identified the following specific workarounds and mitigations users can apply to reduce risk:

• FESTO Didactic CIROS Studio / Education 6.0.0 – 6.4.6, FESTO Didactic FluidSIM 5 all versions, FESTO Didactic FluidSIM 6 <= 6.1c, FESTO Didactic CIROS Studio / Education 7.0.0 – 7.1.7, FESTO Didactic MES-PC shipped before December 2023: Update CodeMeter Runtime to version >= 7.60c The latest version of CodeMeter Runtime can be downloaded from WIBU System’s web site.
• FESTO Festo Automation Suite <= 2.6.0.481: Planned Fix in Summer Release 2024
• FESTO FluidDraw P6 <= 6.2k, FESTO FluidDraw 365 <= 7.0a: Update to the latest version.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

• Do not click web links or open attachments in unsolicited email messages.
• Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
• Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.

5. UPDATE HISTORY

• July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202305

 Read More

 ​CISA released seven Industrial Control Systems (ICS) advisories on July 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

ICSA-25-182-01 FESTO Didactic CP, MPS 200, and MPS 400 Firmware
ICSA-25-182-02 FESTO Automation Suite, FluidDraw, and Festo Didactic Products
ICSA-25-182-03 FESTO CODESYS
ICSA-25-182-04 FESTO Hardware Controller, Hardware Servo Press Kit
ICSA-25-182-05 Voltronic Power and PowerShield UPS Monitoring Software
ICSA-25-182-06 Hitachi Energy Relion 670/650 and SAM600-IO Series
ICSA-25-182-07 Hitachi Energy MSM 

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. 

CISA released seven Industrial Control Systems (ICS) advisories on July 1, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-182-01 FESTO Didactic CP, MPS 200, and MPS 400 Firmware
• ICSA-25-182-02 FESTO Automation Suite, FluidDraw, and Festo Didactic Products
• ICSA-25-182-03 FESTO CODESYS
• ICSA-25-182-04 FESTO Hardware Controller, Hardware Servo Press Kit
• ICSA-25-182-05 Voltronic Power and PowerShield UPS Monitoring Software
• ICSA-25-182-06 Hitachi Energy Relion 670/650 and SAM600-IO Series
• ICSA-25-182-07 Hitachi Energy MSM 

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v4 8.7
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Hitachi Energy
Equipment: Relion 670/650 and SAM600-IO
Vulnerability: Allocation of Resources Without Limits or Throttling

2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers to cause a denial-of-service that disrupts critical functions in the device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Hitachi Energy reports that the following products are affected:

Hitachi Energy Relion 650: All versions from 2.2.4.0 to 2.2.4.4
Hitachi Energy Relion 650: All versions from 2.2.5.0 to 2.2.5.6
Hitachi Energy Relion 650: All versions from 2.2.6.0 to 2.2.6.2
Hitachi Energy Relion 670: 2.2.2.6
Hitachi Energy Relion 670: 2.2.3.7
Hitachi Energy Relion 670: All versions from 2.2.4.0 to 2.2.4.4
Hitachi Energy Relion 670: All versions from 2.2.5.0 to 2.2.5.6
Hitachi Energy Relion 670: All versions from 2.2.6.0 to 2.2.6.2
Hitachi Energy SAM600-IO: All versions from 2.2.5.0 to 2.2.5.6

3.2 VULNERABILITY OVERVIEW
3.2.1 ALLOCATION OF RESOURCES WITHOUT LIMITS OR THROTTLING CWE-770
A denial-of-service vulnerability due to improper prioritization of network traffic over protection mechanism exists in the Relion 670/650 and SAM600-IO series device that if exploited, could potentially cause critical functions like LDCM (Line Distance Communication Module) to malfunction.
CVE-2025-2403 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
A CVSS v4 score has also been calculated for CVE-2025-2403. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Energy
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Switzerland

3.4 RESEARCHER
Hitachi Energy PSIRT reported this vulnerability to CISA.
4. MITIGATIONS
Hitachi Energy has identified the following specific workarounds and mitigations users can apply to reduce risk:

Relion 670 series version 2.2.6 revisions up to 2.2.6.2, Relion 650 series version 2.2.6 revisions up to 2.2.6.2: Fixed in version 2.2.6.3. Update to version 2.2.6.4 (when available) or latest
Relion 670 series version 2.2.5.6, Relion 650 series version 2.2.5.6, SAM600-IO series version 2.2.5.6: Fixed in version 2.2.5.7. Update to version 2.2.5.8 or latest
Relion 670 series version 2.2.4.4, Relion 650 series version 2.2.4.4: Update to version 2.2.4.5 or latest
All affected products: Apply general mitigation factors

For more information see the associated Hitachi Energy PSIRT security advisory 8DBD000216 Cybersecurity Advisory – DoS Vulnerability in Hitachi Energy Relion 670/650 and SAM600-IO series products.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.
5. UPDATE HISTORY
July 1, 2025: Initial Republication of Hitachi Energy PSIRT 8DBD000216 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 8.7
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Hitachi Energy
• Equipment: Relion 670/650 and SAM600-IO
• Vulnerability: Allocation of Resources Without Limits or Throttling

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow attackers to cause a denial-of-service that disrupts critical functions in the device.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Hitachi Energy reports that the following products are affected:

• Hitachi Energy Relion 650: All versions from 2.2.4.0 to 2.2.4.4
• Hitachi Energy Relion 650: All versions from 2.2.5.0 to 2.2.5.6
• Hitachi Energy Relion 650: All versions from 2.2.6.0 to 2.2.6.2
• Hitachi Energy Relion 670: 2.2.2.6
• Hitachi Energy Relion 670: 2.2.3.7
• Hitachi Energy Relion 670: All versions from 2.2.4.0 to 2.2.4.4
• Hitachi Energy Relion 670: All versions from 2.2.5.0 to 2.2.5.6
• Hitachi Energy Relion 670: All versions from 2.2.6.0 to 2.2.6.2
• Hitachi Energy SAM600-IO: All versions from 2.2.5.0 to 2.2.5.6

3.2 VULNERABILITY OVERVIEW

3.2.1 ALLOCATION OF RESOURCES WITHOUT LIMITS OR THROTTLING CWE-770

A denial-of-service vulnerability due to improper prioritization of network traffic over protection mechanism exists in the Relion 670/650 and SAM600-IO series device that if exploited, could potentially cause critical functions like LDCM (Line Distance Communication Module) to malfunction.

CVE-2025-2403 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

A CVSS v4 score has also been calculated for CVE-2025-2403. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Energy
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Switzerland

3.4 RESEARCHER

Hitachi Energy PSIRT reported this vulnerability to CISA.

4. MITIGATIONS

Hitachi Energy has identified the following specific workarounds and mitigations users can apply to reduce risk:

• Relion 670 series version 2.2.6 revisions up to 2.2.6.2, Relion 650 series version 2.2.6 revisions up to 2.2.6.2: Fixed in version 2.2.6.3. Update to version 2.2.6.4 (when available) or latest
• Relion 670 series version 2.2.5.6, Relion 650 series version 2.2.5.6, SAM600-IO series version 2.2.5.6: Fixed in version 2.2.5.7. Update to version 2.2.5.8 or latest
• Relion 670 series version 2.2.4.4, Relion 650 series version 2.2.4.4: Update to version 2.2.4.5 or latest
• All affected products: Apply general mitigation factors

For more information see the associated Hitachi Energy PSIRT security advisory 8DBD000216 Cybersecurity Advisory – DoS Vulnerability in Hitachi Energy Relion 670/650 and SAM600-IO series products.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.

5. UPDATE HISTORY

July 1, 2025: Initial Republication of Hitachi Energy PSIRT 8DBD000216

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Voltronic Power, PowerShield
Equipment: Viewpower, NetGuard
Vulnerabilities: Exposed Dangerous Method or Function, Forced Browsing

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker remotely to make configuration changes, resulting in shutting down UPS connected devices or execution of arbitrary code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Voltronic Power and PowerShield UPS monitoring software is affected, as well as other derivative products:

Voltronic Power Viewpower: Version 1.04-24215 and prior
Voltronic Power ViewPower Pro: Version 2.2165 and prior
Powershield NetGuard: Version 1.04-22119 and prior

3.2 VULNERABILITY OVERVIEW
3.2.1 EXPOSED DANGEROUS METHOD OR FUNCTION CWE-749
The UPS management software normally allows a properly authenticated and authorized user using a web interface to configure the system to run a single OS command of the users choosing when the software detects a managed UPS is shutting down. A related critical underlying function is exposed over the network with no authentication or authorization allowing an attacker to use this to run arbitrary code immediately regardless of any managed UPS state or presence.
CVE-2022-31491 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2022-31491. A base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H).
3.2.2 DIRECT REQUEST (‘FORCED BROWSING’) CWE-425
The UPS management software is supposed to only allow a properly authenticated and authorized admin user using a web interface to configure the system. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices.
CVE-2021-43110 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2021-43110. A base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Voltronic Power – Taiwan, Powershield – Australia

3.4 RESEARCHER
An anonymous researcher reported these vulnerabilities to CISA.
4. MITIGATIONS
Voltronic Power has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact Voltronic Power customer support for additional information.
Powershield is aware of the issue and has provided a fix in NetGuard versions 1.04-23292 and later. For more information, refer to Powershield’s software page. Users can also contact Powershield via email or phone: +618 9209 3839.
CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this these vulnerabilities has been reported to CISA at this time.
5. UPDATE HISTORY

July 1, 2025: Initial Publication 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 10.0
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Voltronic Power, PowerShield
• Equipment: Viewpower, NetGuard
• Vulnerabilities: Exposed Dangerous Method or Function, Forced Browsing

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an unauthenticated attacker remotely to make configuration changes, resulting in shutting down UPS connected devices or execution of arbitrary code.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following Voltronic Power and PowerShield UPS monitoring software is affected, as well as other derivative products:

• Voltronic Power Viewpower: Version 1.04-24215 and prior
• Voltronic Power ViewPower Pro: Version 2.2165 and prior
• Powershield NetGuard: Version 1.04-22119 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 EXPOSED DANGEROUS METHOD OR FUNCTION CWE-749

The UPS management software normally allows a properly authenticated and authorized user using a web interface to configure the system to run a single OS command of the users choosing when the software detects a managed UPS is shutting down. A related critical underlying function is exposed over the network with no authentication or authorization allowing an attacker to use this to run arbitrary code immediately regardless of any managed UPS state or presence.

CVE-2022-31491 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

A CVSS v4 score has also been calculated for CVE-2022-31491. A base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H).

3.2.2 DIRECT REQUEST (‘FORCED BROWSING’) CWE-425

The UPS management software is supposed to only allow a properly authenticated and authorized admin user using a web interface to configure the system. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices.

CVE-2021-43110 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

A CVSS v4 score has also been calculated for CVE-2021-43110. A base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Voltronic Power – Taiwan, Powershield – Australia

3.4 RESEARCHER

An anonymous researcher reported these vulnerabilities to CISA.

4. MITIGATIONS

Voltronic Power has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact Voltronic Power customer support for additional information.

Powershield is aware of the issue and has provided a fix in NetGuard versions 1.04-23292 and later. For more information, refer to Powershield’s software page. Users can also contact Powershield via email or phone: +618 9209 3839.

CISA recommends users take defensive measures to minimize the risk of exploitation of this these vulnerabilities, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

• Do not click web links or open attachments in unsolicited email messages.
• Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
• Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this these vulnerabilities has been reported to CISA at this time.

5. UPDATE HISTORY

• July 1, 2025: Initial Publication

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: FESTO
Equipment: CODESYS
Vulnerabilities: Partial String Comparison, Uncontrolled Resource Consumption, Memory Allocation with Excessive Size Value

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to block legitimate user connections, crash the application, or authenticate without proper credentials.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
FESTO reports that the following products are affected:

FESTO CODESYS Gateway Server V2: All versions
FESTO CODESYS Gateway Server V2: prior to V2.3.9.38

3.2 VULNERABILITY OVERVIEW
3.2.1 PARTIAL STRING COMPARISON CWE-187
In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only part of the specified password is being compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password.
CVE-2022-31802 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.2 UNCONTROLLED RESOURCE CONSUMPTION CWE-400
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.
CVE-2022-31803 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
3.2.3 MEMORY ALLOCATION WITH EXCESSIVE SIZE VALUE CWE-789
The CODESYS Gateway Server V2 does not verify the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.
CVE-2022-31804 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER
CERT@VDE coordinated with and supported Festo in the publication of FSA-202406.
4. MITIGATIONS
FESTO recommends users enable password protection at login in case no password is set at the controller. Please note the password configuration file is not covered by the default FFT backup and restore mechanism. The related file must be selected manually.
For more information see the associated Festo SE security advisory FSA-202406: Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo PDF or VDE-2024-059: Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
5. UPDATE HISTORY

July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202306 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v3 9.8
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: FESTO
• Equipment: CODESYS
• Vulnerabilities: Partial String Comparison, Uncontrolled Resource Consumption, Memory Allocation with Excessive Size Value

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to block legitimate user connections, crash the application, or authenticate without proper credentials.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

FESTO reports that the following products are affected:

• FESTO CODESYS Gateway Server V2: All versions
• FESTO CODESYS Gateway Server V2: prior to V2.3.9.38

3.2 VULNERABILITY OVERVIEW

3.2.1 PARTIAL STRING COMPARISON CWE-187

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only part of the specified password is being compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password.

CVE-2022-31802 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.2.2 UNCONTROLLED RESOURCE CONSUMPTION CWE-400

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.

CVE-2022-31803 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

3.2.3 MEMORY ALLOCATION WITH EXCESSIVE SIZE VALUE CWE-789

The CODESYS Gateway Server V2 does not verify the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.

CVE-2022-31804 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER

CERT@VDE coordinated with and supported Festo in the publication of FSA-202406.

4. MITIGATIONS

FESTO recommends users enable password protection at login in case no password is set at the controller. Please note the password configuration file is not covered by the default FFT backup and restore mechanism. The related file must be selected manually.

For more information see the associated Festo SE security advisory FSA-202406: Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo PDF or VDE-2024-059: Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo.

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

• Do not click web links or open attachments in unsolicited email messages.
• Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
• Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.

5. UPDATE HISTORY

• July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202306

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: FESTO Didactic
Equipment: CP, MPS 200, MPS 400
Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer

2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
FESTO Didactic reports that the following products are affected:

FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic CP including S7 PLC(All versions): All versions
FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 200 Systems(All versions): All versions
FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 400 Systems(All versions): All versions

3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
SIMATIC S7-1200 and S7-1500 CPU products contain a memory protection bypass vulnerability that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. Siemens has released updates for several affected products and strongly recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
CVE-2020-15782 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER
CERT@VDE coordinated with and supported Festo in the publication of FSA-202405.
4. MITIGATIONS
FESTO Didactic has identified the following specific workarounds and mitigations users can apply to reduce risk:

(Product Group: FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic CP including S7 PLC(All versions), FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 200 Systems(All versions), FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 400 Systems(All versions)), All affected products: Update Siemens Simatic S7-1500 / ET200SP Firmware to V2.9.2 or or higher

The following product versions have been fixed:

Siemens Simatic S7-1500 / ET200SP V2.9.2 installed on FESTO Didactic CP including S7 PLC are fixed versions for CVE-2020-15782
Siemens Simatic S7-1500 / ET200SP V2.9.2 installed on FESTO Didactic MPS 200 Systems are fixed versions for CVE-2020-15782
Siemens Simatic S7-1500 / ET200SP V2.9.2 installed on FESTO Didactic MPS 400 Systems are fixed versions for CVE-2020-15782

For more information see the associated Festo SE & Co. KG security advisory FSA-202405 VDE-2024-055: Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.
5. UPDATE HISTORY

July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202405 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v3 9.8
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: FESTO Didactic
• Equipment: CP, MPS 200, MPS 400
• Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

FESTO Didactic reports that the following products are affected:

• FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic CP including S7 PLC(All versions): All versions
• FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 200 Systems(All versions): All versions
• FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 400 Systems(All versions): All versions

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119

SIMATIC S7-1200 and S7-1500 CPU products contain a memory protection bypass vulnerability that could allow an attacker to write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. Siemens has released updates for several affected products and strongly recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.

CVE-2020-15782 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER

CERT@VDE coordinated with and supported Festo in the publication of FSA-202405.

4. MITIGATIONS

FESTO Didactic has identified the following specific workarounds and mitigations users can apply to reduce risk:

• (Product Group: FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic CP including S7 PLC(All versions), FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 200 Systems(All versions), FESTO Didactic Firmware Siemens Simatic S7-1500 / ET200SP (< V2.9.2) installed on FESTO Didactic MPS 400 Systems(All versions)), All affected products: Update Siemens Simatic S7-1500 / ET200SP Firmware to V2.9.2 or or higher

The following product versions have been fixed:

• Siemens Simatic S7-1500 / ET200SP V2.9.2 installed on FESTO Didactic CP including S7 PLC are fixed versions for CVE-2020-15782
• Siemens Simatic S7-1500 / ET200SP V2.9.2 installed on FESTO Didactic MPS 200 Systems are fixed versions for CVE-2020-15782
• Siemens Simatic S7-1500 / ET200SP V2.9.2 installed on FESTO Didactic MPS 400 Systems are fixed versions for CVE-2020-15782

For more information see the associated Festo SE & Co. KG security advisory FSA-202405 VDE-2024-055: Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

• Do not click web links or open attachments in unsolicited email messages.
• Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
• Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.

5. UPDATE HISTORY

• July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202405

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: FESTO
Equipment: Hardware Controller, Hardware Servo Press Kit
Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized system commands with root privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
FESTO reports the following products are affected:

Festo Firmware installed on Festo Hardware Controller CECC-X-M1: Version 4.0.14
Festo Firmware installed on Festo Hardware Controller CECC-X-M1: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV: Version 4.0.14
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV-S1: Version 4.0.14
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV-S1: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-YS-L1: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-YS-L2: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Controller CECC-X-M1-Y-YJKP: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Servo Press Kit YJKP: Versions 3.8.14 and prior
Festo Firmware installed on Festo Hardware Servo Press Kit YJKP-: Versions 3.8.14 and prior

3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78
In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-refresh-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.
CVE-2022-30311 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.2 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78
In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-acknerr-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.
CVE-2022-30310 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.3 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78
In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-web-viewer-request-off” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.
CVE-2022-30309 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.4 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78
In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-web-viewer-request-on” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.
CVE-2022-30308 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER
Q. Kaiser and M. Illes of ONEKEY Research Labs reported these vulnerabilities to Festo. CERT@VDE coordinated with and supported Festo in the publication of FSA-202201.
4. MITIGATIONS
FESTO recommends users update to Firmware CECC-X 4.0.18 or later versions.
For more information see the associated Festo SE & Co. KG security advisory FSA-202201 VDE-2022-020: Festo: CECC-X-M1 – command injection vulnerabilities.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
5. UPDATE HISTORY

July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202201 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v3 9.8
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: FESTO
• Equipment: Hardware Controller, Hardware Servo Press Kit
• Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to execute unauthorized system commands with root privileges.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

FESTO reports the following products are affected:

• Festo Firmware installed on Festo Hardware Controller CECC-X-M1: Version 4.0.14
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV: Version 4.0.14
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV-S1: Version 4.0.14
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-MV-S1: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-YS-L1: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-YS-L2: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Controller CECC-X-M1-Y-YJKP: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Servo Press Kit YJKP: Versions 3.8.14 and prior
• Festo Firmware installed on Festo Hardware Servo Press Kit YJKP-: Versions 3.8.14 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78

In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-refresh-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

CVE-2022-30311 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.2.2 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78

In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-acknerr-request” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

CVE-2022-30310 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.2.3 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78

In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-web-viewer-request-off” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

CVE-2022-30309 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.2.4 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND (‘OS COMMAND INJECTION’) CWE-78

In multiple versions of Festo Controller CECC-X-M1 product family, the http-endpoint “cecc-x-web-viewer-request-on” POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

CVE-2022-30308 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Germany

3.4 RESEARCHER

Q. Kaiser and M. Illes of ONEKEY Research Labs reported these vulnerabilities to Festo. CERT@VDE coordinated with and supported Festo in the publication of FSA-202201.

4. MITIGATIONS

FESTO recommends users update to Firmware CECC-X 4.0.18 or later versions.

For more information see the associated Festo SE & Co. KG security advisory FSA-202201 VDE-2022-020: Festo: CECC-X-M1 – command injection vulnerabilities.

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

• Do not click web links or open attachments in unsolicited email messages.
• Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
• Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.

5. UPDATE HISTORY

• July 1, 2025: Initial Republication of Festo SE & Co. KG FSA-202201

 Read More

 ​View CSAF
1. EXECUTIVE SUMMARY

CVSS v4 5.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Hitachi Energy
Equipment: Modular Switchgear Monitoring (MSM)
Vulnerability: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers to execute untrusted code, potentially leading to unauthorized actions or system compromise.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Hitachi Energy reports the following products are affected:

Hitachi Energy MSM: Version 2.2.9 and prior

3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION (‘CROSS-SITE SCRIPTING’) CWE-79
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources – even after sanitizing it – to one of jQuery’s DOM manipulation methods (i.e., .html(), .append(), and others) may result in the execution of untrusted code.
CVE-2020-11022 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
A CVSS v4 score has also been calculated for CVE-2020-11022. A base score of 5.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N).
3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Energy
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Switzerland

3.4 RESEARCHER
Hitachi Energy PSIRT reported this vulnerability to CISA.
4. MITIGATIONS
Hitachi Energy has identified the following specific workarounds and mitigations users can apply to reduce risk:

Hitachi Energy MSM 2.2.9: Apply General Mitigation Factors/Workarounds

For more information see the associated Hitachi Energy PSIRT security advisory 8DBD000219 Cybersecurity Advisory – jQuery Vulnerability in Hitachi Energy’s MSM Product.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.
5. UPDATE HISTORY

July 1, 2025: Initial Republication of Hitachi Energy PSIRT 8DBD000219 

View CSAF

1. EXECUTIVE SUMMARY

• CVSS v4 5.3
• ATTENTION: Exploitable remotely/low attack complexity
• Vendor: Hitachi Energy
• Equipment: Modular Switchgear Monitoring (MSM)
• Vulnerability: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow attackers to execute untrusted code, potentially leading to unauthorized actions or system compromise.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Hitachi Energy reports the following products are affected:

• Hitachi Energy MSM: Version 2.2.9 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION (‘CROSS-SITE SCRIPTING’) CWE-79

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources – even after sanitizing it – to one of jQuery’s DOM manipulation methods (i.e., .html(), .append(), and others) may result in the execution of untrusted code.

CVE-2020-11022 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

A CVSS v4 score has also been calculated for CVE-2020-11022. A base score of 5.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N).

3.3 BACKGROUND

• CRITICAL INFRASTRUCTURE SECTORS: Energy
• COUNTRIES/AREAS DEPLOYED: Worldwide
• COMPANY HEADQUARTERS LOCATION: Switzerland

3.4 RESEARCHER

Hitachi Energy PSIRT reported this vulnerability to CISA.

4. MITIGATIONS

Hitachi Energy has identified the following specific workarounds and mitigations users can apply to reduce risk:

• Hitachi Energy MSM 2.2.9: Apply General Mitigation Factors/Workarounds

For more information see the associated Hitachi Energy PSIRT security advisory 8DBD000219 Cybersecurity Advisory – jQuery Vulnerability in Hitachi Energy’s MSM Product.

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

• Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
• Locate control system networks and remote devices behind firewalls and isolating them from business networks.
• When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.

5. UPDATE HISTORY

• July 1, 2025: Initial Republication of Hitachi Energy PSIRT 8DBD000219

 Read More

 ​CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

 CVE-2025-6543 Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. 

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. 

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.  

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. 

•  CVE-2025-6543 Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability

 Read More