CyberSecurityBoard
Sponsor Register Login

ICS Advisory (ICSA-25-308-04) - CISA

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-308-04, addressing critical vulnerabilities in Schneider Electric's Modicon M580 and M340 Programmable Logic Controllers (PLCs). These vulnerabilities could allow remote attackers to execute arbitrary code or cause denial of service, posing significant risks to industrial environments. The advisory details the affected products, the nature of the vulnerabilities, and recommended mitigation strategies to protect critical infrastructure. This alert underscores the importance of timely patching and robust cybersecurity practices in industrial control systems to prevent exploitation by threat actors. Organizations using Schneider Electric PLCs are urged to review the advisory, apply patches, and implement recommended security measures to safeguard their operational technology environments. The advisory also highlights the collaboration between CISA, Schneider Electric, and other stakeholders to enhance ICS security and resilience against emerging cyber threats.

This Cyber News was published on www.cisa.gov. Publication date: Tue, 04 Nov 2025 17:20:23 +0000


Cyber News related to ICS Advisory (ICSA-25-308-04) - CISA

Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com
ICS Advisory (ICSA-25-238-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-238-03, addressing critical vulnerabilities in Schneider Electric's Modicon M580 and M340 Programmable Logic Controllers ...
2 months ago Cisa.gov CVE-2023-34362 CVE-2023-34363
ICS Advisory (ICSA-25-261-07) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory, ICSA-25-261-07, addressing critical vulnerabilities in industrial control systems (ICS). This advisory highlights significant security risks that could potentially ...
1 month ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-261-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an important Industrial Control Systems (ICS) advisory, ICSA-25-261-03, addressing critical vulnerabilities that impact industrial environments. This advisory highlights the ...
1 month ago Cisa.gov CVE-2023-3519 CVE-2023-3520
Threat landscape for industrial automation systems, Q1 2024 - In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Percentage of ICS ...
1 year ago Securelist.com
ICS Advisory (ICSA-25-254-02) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory identified as ICSA-25-254-02 addressing critical vulnerabilities in industrial control systems (ICS). This advisory highlights the importance of securing ICS ...
2 months ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-245-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued ICS Advisory ICSA-25-245-03 to address critical vulnerabilities affecting industrial control systems (ICS). This advisory highlights the importance of timely patching and ...
2 months ago Cisa.gov CVE-2023-3519 CVE-2023-3520 CVE-2023-3521
ICS Advisory (ICSA-25-254-09) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) advisory, ICSA-25-254-09, addressing critical vulnerabilities in specific ICS products. This advisory highlights the importance of securing ...
2 months ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-266-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory, ICSA-25-266-03, addressing critical vulnerabilities in industrial control systems (ICS). This advisory highlights the importance of securing ICS environments ...
1 month ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-273-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-273-03, addressing critical vulnerabilities in specific ICS products. This advisory highlights the importance of timely ...
1 month ago Cisa.gov CVE-2023-27303
ICS Advisory (ICSA-25-308-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) issued ICS Advisory ICSA-25-308-03 addressing critical vulnerabilities in Schneider Electric's EcoStruxure Control Expert software. These vulnerabilities could allow remote attackers to ...
1 week ago Cisa.gov CVE-2023-34362 CVE-2023-34363 CVE-2023-34364 CVE-2023-34365
ICS Advisory (ICSA-25-289-04) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory, ICSA-25-289-04, addressing critical vulnerabilities in industrial control systems (ICS). This advisory highlights the importance of securing ICS environments ...
3 weeks ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-254-10) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) advisory, ICSA-25-254-10, addressing critical vulnerabilities in specific ICS products. This advisory highlights the importance of timely ...
2 months ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-254-07) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released ICS Advisory ICSA-25-254-07 addressing critical vulnerabilities in Schneider Electric's Modicon M580 and M340 Programmable Logic Controllers (PLCs). These vulnerabilities could ...
2 months ago Cisa.gov CVE-2023-34362 CVE-2023-34363 CVE-2023-34364 CVE-2023-34365 CVE-2023-34366
ICS Advisory (ICSA-25-308-05) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) advisory, ICSA-25-308-05, addressing critical vulnerabilities in specific ICS products. This advisory highlights the importance of timely ...
1 week ago Cisa.gov CVE-2023-3519 CVE-2023-3520
ICS Advisory (ICSA-25-259-04) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory, ICSA-25-259-04, addressing critical vulnerabilities in industrial control systems (ICS). This advisory highlights the importance of securing ICS environments ...
1 month ago Cisa.gov CVE-2023-3519 CVE-2023-3520 CVE-2023-3521
ICS Advisory (ICSA-25-294-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-294-03, addressing critical vulnerabilities in specific ICS products. This advisory highlights the importance of timely ...
3 weeks ago Cisa.gov CVE-2024-29403
ICS Advisory (ICSA-25-240-06) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory, ICSA-25-240-06, addressing critical vulnerabilities in industrial control systems (ICS). This advisory highlights the importance of securing ICS environments ...
2 months ago Cisa.gov CVE-2025-24006
ICS Advisory (ICSA-25-254-04) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued ICS Advisory ICSA-25-254-04 addressing critical vulnerabilities in Schneider Electric's EcoStruxure Control Expert software. These vulnerabilities could allow remote attackers to ...
2 months ago Cisa.gov CVE-2023-34362 CVE-2023-34363 CVE-2023-34364 CVE-2023-34365
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com
ICS Advisory (ICSA-25-308-01) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-308-01, addressing critical vulnerabilities in Schneider Electric's EcoStruxure Control Expert software. These ...
1 week ago Cisa.gov CVE-2023-34362 CVE-2023-34363
ICS Advisory (ICSA-25-273-05) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-273-05, addressing critical vulnerabilities in Schneider Electric's Modicon M580 and M340 Programmable Logic Controllers ...
1 month ago Cisa.gov CVE-2023-34362 CVE-2023-34363
ICS Advisory (ICSA-25-261-01) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-261-01, addressing critical vulnerabilities in specific ICS products. This advisory highlights the importance of timely ...
1 month ago Cisa.gov CVE-2023-26101
CISA | ICS Advisory (ICSA-25-273-04) Schneider Electric EcoStruxure Control Expert Vulnerabilities - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory (ICSA-25-273-04) regarding multiple vulnerabilities found in Schneider Electric's EcoStruxure Control Expert software. These vulnerabilities could allow an attacker to ...
1 month ago Cisa.gov CVE-2023-34362 CVE-2023-34363 CVE-2023-34364 CVE-2023-34365
ICS Advisory (ICSA-25-308-04) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-308-04, addressing critical vulnerabilities in Schneider Electric's Modicon M580 and M340 Programmable Logic Controllers ...
1 week ago Cisa.gov CVE-2023-34362 CVE-2023-34363

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)