(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – December 18, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

On December 18, 2025, CISA Released Nine Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

• Inductive Automation Ignition – Used in Energy
• Schneider Electric EcoStruxure Foxboro DCS Advisor – Used in Energy
• National Instruments LabView
• Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products
• Siemens Interniche IP-Stack
• Advantech WebAccess/SCADA – Used in Water and Wastewater Systems and Energy
• Rockwell Automation Micro820, Micro850, Micro 870
• Axis Communications Camera Station Pro, Camera Station, and Device Manager
• Mitsubishi Electric CNC Series (Update C)

On December 16, 2025, CISA Released Six Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

• Güralp Systems FMUS (Fortimus) Series and MIN (Minimus) Series
• Johnson Controls PowerG, IQPanel and IQHub
• Hitachi Energy AFS, AFR and AFF Series – Used in Energy
• Mitsubishi Electric GT Designer3
• Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 (Update A)
• Fuji Electric Monitouch V-SFT-6 (Update A)

Additional Alerts, Updates, and Bulletins:

• December 17 – CISA Adds Three Known Exploited Vulnerabilities to Catalog
• December 16 – CISA Adds One Known Exploited Vulnerability to Catalog
• December 15 – CISA Adds Two Known Exploited Vulnerabilities to Catalog
• December 12 – CISA Adds One Known Exploited Vulnerability to Catalog
• December 11 – CISA Adds One Known Exploited Vulnerability to Catalog