(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – November 20, 2025
Created: Thursday, November 20, 2025 - 16:15
Categories: Cybersecurity, Federal & State Resources, Security Preparedness
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
On November 20, 2025, CISA Released Six Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Automated Logic WebCTRL Premium Server
- ICAM365 CCTV Camera Multiple Models
- Opto 22 GRV-EPIC and GRV-RIO
- Festo MSE6-C2M/D2M/E2M
- Festo Didactic products – Used in Energy
- Emerson Appleton UPSMON-PRO
On November 18, 2025, CISA Released Six Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
- Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio – Used in Energy
- Shelly Pro 4PM
- Shelly Pro 3EM
- Schneider Electric PowerChute Serial Shutdown
- METZ CONNECT EWIO2
- Schneider Electric EcoStruxure (Update B) – Used in Energy
Additional Alerts, Updates, and Bulletins:
- November 19 – CISA Adds One Known Exploited Vulnerability to Catalog
- November 19 – CISA Releases Guide to Mitigate Risks from Bulletproof Hosting Providers
- November 18 – CISA Adds One Known Exploited Vulnerability to Catalog
- November 14 – Fortinet Releases Security Advisory for Relative Path Traversal Vulnerability Affecting FortiWeb Products
- November 14 – CISA Adds One Known Exploited Vulnerability to Catalog