The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

On March 13, 2025, CISA Released Thirteen Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

• Siemens Teamcenter Visualization and Tecnomatrix Plant Simulation
• Siemens SINEMA Remote Connect Server – Used in Water and Wastewater Systems and Energy
• Siemens SIMATIC S7-1500 TM MFP
• Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP
• Siemens SINAMICS S200
• Siemens SCALANCE LPE9403
• Siemens SCALANCE M-800 and SC-600 Families
• Siemens Tecnomatix Plant Simulation
• Siemens OPC UA – Used in Water and Wastewater Systems and Energy
• Siemens SINEMA Remote Connect Client – Used in Water and Wastewater Systems and Energy
• Siemens SIMATIC IPC Family, ITP1000, and Field PGs
• Sungrow iSolarCloud Android App and WiNet Firmware – Used in Energy
• Philips Intellispace Cardiovascular (ISCV)

On March 11, 2025, CISA Released Two Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

• ICSA-25-070-01 Schneider Electric Uni-Telway Driver  – Used in Energy
• ICSA-25-070-02 Optigo Networks Visual BACnet Capture Tool/Optigo Visual Networks Capture Tool

Additional Alerts, Updates, and Bulletins:

• March 13 - CISA Adds Two Known Exploited Vulnerabilities to Catalog
• March 11 - CISA Adds Six Known Exploited Vulnerabilities to Catalog
• March 10 - CISA Adds Five Known Exploited Vulnerabilities to Catalog
• CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware

Related WaterISAC PIRs: 6, 7, 8, 10, 12