The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

On February 20, 2025, CISA Released Eight Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

• ABB ASPECT-Enterprise, NEXUS, and MATRIX Series
• ABB FLXEON Controllers
• Carrier Block Load
• Siemens SiPass Integrated – Used in Energy
• Rapid Response Monitoring My Security Account App
• Elseta Vinci Protocol Analyzer
• Mitsubishi Electric CNC Series (Update A) – Used in Energy
• Medixant RadiAnt DICOM Viewer

On February 18, 2025, CISA Released Two Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

• Delta Electronics CNCSoft-G2 (Update A) – Used in Energy
• Rockwell Automation GuardLogix 5380 and 5580 (Update A)

Additional Alerts, Updates, and Bulletins

• February 20 - CISA Adds Two Known Exploited Vulnerabilities to Catalog
• February 18 - CISA Adds Two Known Exploited Vulnerabilities to Catalog
• CISA and Partners Release Advisory on Ghost (Cring) Ransomware

Related WaterISAC PIRs: 6, 7, 8, 10, 12