The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
On May 8, 2025, CISA Released Five Industrial Control Systems Advisories for products used across multiple sectors. Please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- ICSA-25-128-01 Horner Automation Cscape
- ICSA-25-128-02 Hitachi Energy RTU500 series
- ICSA-25-128-03 Mitsubishi Electric CC-Link IE TSN
- ICSA-25-093-01 Hitachi Energy RTU500 Series (Update A) – Used in Energy
- ICSMA-25-128-01 Pixmeo OsiriX MD
On May 6, 2025, CISA Released Three Industrial Control Systems Advisories for products used across multiple sectors. Please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- ICSA-25-126-01 Optigo Networks ONS NC600
- ICSA-25-126-02 Milesight UG65-868M-EA – Used in Energy
- ICSA-25-126-03 BrightSign Players
Additional Alerts, Updates, and Bulletins:
- CISA Adds Two Known Exploited Vulnerabilities to Catalog
- CISA Adds One Known Exploited Vulnerability to Catalog
- CISA Adds One Known Exploited Vulnerability to Catalog
- Unsophisticated Cyber Actor(s) Targeting Operational Technology
- CISA Adds Two Known Exploited Vulnerabilities to Catalog
Related WaterISAC PIRs: 6, 8