View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. The following versions of Rockwell Automation CompactLogix 5370 are affected: CompactLogix 5370 (CVE-2025-11743) CompactLogix 5370 (CVE-2025-11743) CompactLogix 5370…
View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated attacker to escalate their privileges and control devices outside of their authorized scope. The following versions of Hubitat Elevation Hubs are affected: Elevation…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), United Kingdom’s National Cyber Security Centre (NCSC-UK), Federal Bureau of Investigation (FBI) and international partners released Secure Connectivity Principles for Operational Technology. This joint guidance, led by NCSC-UK, helps organizations…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced the successful retirement of ten Emergency Directives issued between 2019-2024. Marking a significant milestone in federal cybersecurity, this is the highest number of Emergency Directives retired by the…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced it is now participating in the Office of Personnel Management’s (OPM) CyberCorps® Scholarship for Service (SFS), offering exclusive federal career pathways to qualified students…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Venue Guide for Mitigating Dependency Disruptions, a new resource designed to strengthen the resilience of public gathering venues. This guide provides stadium and arena…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released version 2.0 of its Cross-Sector Cybersecurity Performance Goals (CPGs), offering organizations a more robust framework for integrating cybersecurity into daily operations. The updated CPGs…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo SE & Co. KG Equipment: LX Appliance Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: D-Link (India Limited), Sparsh Securitech, Securus CCTV Equipment: DCS-F5614-L1 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA), Department of Energy (DOE), Environmental Protection Agency (EPA), Department of Defense’s Cyber Crime Center (DC3), and…