CISA issues 12 advisories on industrial control systems

CISA published 12 Industrial Control Systems advisories addressing security issues, vulnerabilities, and exploits affecting products including Johnson Controls iSTAR and iSTAR Ultra, AzeoTech DAQFactory, multiple Siemens components, OpenPLC_V3, Grassroots DICOM (GDCM), and Varex Imaging Panoramic Dental Imaging Software.

The notices are identified as ICSA-25-345-01 Johnson Controls iSTAR; ICSA-25-345-02 Johnson Controls iSTAR Ultra; ICSA-25-345-03 AzeoTech DAQFactory; ICSA-25-345-04 Siemens Identity Access Management (IAM) Client; ICSA-25-345-05 Siemens Advanced Licensing (SALT) Toolkit; ICSA-25-345-06 Siemens SINEMA Remote Connect Server; ICSA-25-345-07 Siemens Building X - Security Manager Edge Controller; ICSA-25-345-08 Siemens Energy Services; ICSA-25-345-09 Siemens Gridscale X Prepay; ICSA-25-345-10 OpenPLC_V3; ICSMA-25-345-01 Grassroots DICOM (GDCM); and ICSMA-25-345-02 Varex Imaging Panoramic Dental Imaging Software.

Collectively, the advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding industrial control systems.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Administrators and users should consult each advisory to obtain the technical details and mitigations it contains.

Dataminr listed in AWS Marketplace through Carahsoft

Nvidia Broadcom Zscaler and others report Feb 2026 - Week of February 9, 2026

CompTIA partners with SGInnovate on Singapore upskilling program