CISA will proactively engage international partners to strengthen the security and resilience of our nation’s critical infrastructure WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its 2025–2026 International Strategic Plan, the agency’s first,…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) launched a new one-stop shop website for election threat updates from CISA and our federal government partners. As foreign actors continue their efforts to influence and…
WASHINGTON: The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China. After the FBI identified specific malicious activity targeting the sector, the FBI and the Cybersecurity…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: iniNet Solutions Equipment: SpiderControl SCADA PC HMI Editor Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: VIMESA Equipment: VHF/FM Transmitter Blue Plus Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: low attack complexity/public exploits are available Vendor: Deep Sea Electronics Equipment: DSE855 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the United States Postal Inspection Service (USPIS) joined together to release an Election Mail Security Public Service Announcement (PSA) and a training video for…
WASHINGTON – The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued their final four-part joint public service announcement (PSA) today titled “Just So You Know: Foreign Threat Actors Likely…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: CNC Series Vulnerability: Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elvaco Equipment: M-Bus Metering Gateway CMe3100 Vulnerabilities: Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Improper Neutralization…