Thursday, November 20, 2025

Review – 6 Advisories Published – 11-20-25

Today CISA’s NCCIC-ICS published six control system security advisories for products from Emerson, Festo (2), Opto 22, ICAM365 and Automated Logic.

Advisories

Emerson Advisory - This advisory discusses a stack-based buffer overflow vulnerability in the Emerson Appleton UPSMON-PRO.

Festo Advisory #1 - This advisory discusses an improper input validation vulnerability in the Festo Didactic products.

Festo Advisory #2 - This advisory describes a hidden functionality vulnerability in the Festo MSE6-C2M-5000 product line.

NOTE: I briefly discussed this vulnerability on September 9th, 2023. CERT-VDE updated the Festo advisory (administrative and format changes) on October 1st, 2025.

Opto 22 Advisory - This advisory describes an OS command injection vulnerability in the Opto 22 GRV Programmable Logic Controllers.

ICAM365 Advisory - This advisory describes two missing authentication for critical function vulnerabilities in the ICAM365 ROBOT PT Camera P201 and Night Vision Camera QC021.

Automated Logic Advisory - This advisory describes two vulnerabilities in multiple Automated Logic (and Carrier) products.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/6-advisories-published-11-20-25 - subscription required.
