The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
On May 22, 2025, CISA Released Two Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Lantronix Device Installer
- Rockwell Automation FactoryTalk Historian ThingWorx
On May 20, 2025, CISA Released Thirteen Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- ABUP IoT Cloud Platform
- National Instruments Circuit Design Suite
- Danfoss AK-SM 8xxA Series
- Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products
- Siemens Siveillance Video
- Schneider Electric PrismaSeT Active - Wireless Panel Server – Used in Energy
- Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL – Used in Energy
- Schneider Electric Modicon Controllers – Used in Energy
- AutomationDirect MB-Gateway
- Vertiv Liebert RDU101 and UNITY – Used in Energy
- Assured Telematics Inc (ATI) Fleet Management System with Geotab Integration
- Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update B) – Used in Energy
- Schneider Electric EcoStruxure Power Build Rapsody (Update A) – Used in Water and Wastewater Systems and Energy
Additional Alerts, Updates, and Bulletins:
- May 22 - CISA Adds One Known Exploited Vulnerability to Catalog
- May 19 - CISA Adds Six Known Exploited Vulnerabilities to Catalog
- May 15 - CISA Adds Three Known Exploited Vulnerabilities to Catalog
- New Best Practices Guide for Securing AI Data Released
- Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware
- Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies
