Serial number: AV25-782
Date: November 24, 2025
Between November 17 and 23, 2025, CISA published ICS advisories to address vulnerabilities in the following products:
- Automated Logic Carrier i-Vu – multiple versions
- Automated Logic SiteScan Web – multiple versions
- Automated Logic WebCTRL Server – multiple versions
- Automated Logic WebCTRL for OEMs – multiple versions
- Emerson Appleton UPSMON-PRO – versions 2.6 and prior
- Festo Didactic Siemens TIA-Portal V15/V18 prior to V17/V18 Update 6/1 installed on Festo Hardware MES PC – all versions
- Festo Didactic Siemens TIA-Portal V15/V18 prior to V17/V18 Update 6/1 installed on Festo Hardware TP260 (<June2023) – all versions
- Festo MSE6-C2M/D2M/E2M (multiple models) – all versions
- ICAM365 Night Vision Camera QC021 – versions 43.4.0.0 and prior
- ICAM365 ROBOT PT Camera P201 – versions 43.4.0.0 and prior
- METZ CONNECT EWIO2 (multiple models) – all versions
- Opto 22 GRV-EPIC-PR1/GRV-EPIC-PR2 Firmware – versions prior to 4.0.3
- Opto 22 groov RIO GRV-R7-MM1001-10/ GRV-R7-MM2001-10/GRV-R7-I1VAPM-3 Firmware – versions prior to 4.0.3
- Schneider Electric EcoStruxure Machine SCADA Expert – versions prior to 2023.1 Patch 1
- Schneider Electric PowerChute Serial Shutdown – versions 1.3 and prior
- Schneider Electric Pro-face BLUE Open Studio – versions prior to 2023.1 Patch 1
- Shelly Pro 3EM – all versions
- Shelly Pro 4PM – version prior to v1.6
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.