CISA Weekly Intelligence Brief on Security Alerts and Vulnerabilities - Week of November 10, 2025

Key Takeaways

• CISA added multiple vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog due to active exploitation risks.
• Recent advisories include updates from vendors such as Microsoft, Delta Electronics, and Schneider Electric.
• Security warnings have been issued related to vulnerabilities in ICS and software used in various industries.
• Organizations are urged to prioritize cybersecurity updates and adhere to recommended mitigation practices.
• Various vulnerabilities presented pose risks of code execution and unauthorized access.

The Cybersecurity and Infrastructure Security Agency (CISA) added several new vulnerabilities to its KEV Catalog, highlighting the urgency for timely remediation. Notable among them are CVE-2025-21042 connected to Samsung Mobile devices and vulnerabilities in Dassault Systèmes products.

CISA’s latest updates underscore vulnerabilities found in various software applications that can have far-reaching impacts. Recent issues reported include one in the expr-eval JavaScript library allowing arbitrary code execution and another in Microsoft’s Windows Server Update Service (CVE-2025-59287), which poses risks of remote unauthorized access.

Organizations utilizing software from affected vendors are strongly urged to review security advisories. Mitigation measures include the implementation of security patches and proactive security management practices. CISA recommends decommissioning outdated Exchange servers to minimize risks associated with unprotected endpoints.

Additionally, vulnerabilities in Industrial Control Systems (ICS) have been a focus in recent advisories issued by CISA. Security vulnerabilities in products by Fuji Electric and Delta Electronics showcase the ongoing need for vigilance in securing critical infrastructure against exploitation.

CISA continues to emphasize the importance of maintaining updated cybersecurity protocols as it releases further advisories. Stakeholders across sectors must remain vigilant to prevent unauthorized access and potential disruptions in operational environments.

1. CISA adds CVE-2025-21042 to KEV Catalog
   CISA emphasizes the need for timely remediation of vulnerabilities in its KEV Catalog, including the newly added CVE-2025-21042.
2. VU#263614: Vulnerability in expr-eval JavaScript library can lead to remote code execution.
   A vulnerability in the expr-eval JavaScript library could enable arbitrary code execution through malicious input by an attacker.
3. VU#517845: Authenticated Simple Mail Transfer Protocol (SMTP) users can spoof identities via ambiguous From header
   Attention to email security is crucial as attackers utilize header spoofing, impacting user trust and sender verification.
4. Microsoft issues update for critical Windows Server Update Service vulnerability, CVE-2025-59287
   CISA added CVE-2025-59287 to its KEV Catalog, highlighting its potential security threat.
5. Schneider Electric identifies EcoStruxure vulnerability
   Schneider Electric reports a vulnerability in EcoStruxure products, scoring 8.2, impacting resource allocation and service availability.
6. CISA releases three Industrial Control Systems advisories
   CISA issued three ICS Advisories on vulnerabilities in Schneider Electric and Vertikal Systems products, providing security details.
7. Vertikal Systems identifies vulnerabilities in Hospital Manager services
   CISA recommends users secure networks against vulnerabilities in Vertikal Systems' Hospital Manager Backend Services effective September 19, 2025.
8. CISA adds two Dassault Systèmes vulnerabilities to catalog
   CISA updates its KEV Catalog with two Dassault Systèmes DELMIA Apriso vulnerabilities linked to active exploitation.
9. CISA Issues Advisories on Industrial Control Systems
   CISA has issued advisories on Industrial Control Systems addressing security vulnerabilities in ISO 15118-2 and Hitachi Energy TropOS.
10. Hitachi Energy warns of TropOS vulnerabilities
    CISA advises on defensive measures against vulnerabilities in Hitachi Energy's TropOS wireless devices.
11. CISA adds CVE-2025-24893 and CVE-2025-41244 to catalog
    CISA adds CVE-2025-24893 and CVE-2025-41244 to its KEV Catalog, citing active exploitation risks.
12. Vulnerability in ISO 15118-2 Affects Electric Vehicle (EV) Chargers
    A vulnerability in ISO 15118-2 related to EV chargers carries a Common Vulnerability Scoring System (CVSS) score of 7.2, highlighting risks in transportation.
13. CISA and NSA Release Guidance for Exchange Server Security
    CISA advises decommissioning outdated Exchange servers to mitigate risks and enhance cybersecurity measures.
14. CISA adds two vulnerabilities to the KEV Catalog
    CISA continues to update its KEV Catalog, urging all organizations to prioritize remediation of active vulnerabilities.
15. Survision License Plate Recognition Camera vulnerability
    CISA warns that a vulnerability in Survision's LPR Camera could lead to unauthorized access; users should implement security measures.
16. IDIS reports Intent Classification Module (ICM) Viewer vulnerability allowing code execution
    CISA warns users of ICM Viewer (v1.6.0.10) to address a vulnerability that allows arbitrary code execution. Immediate action needed.
17. Fuji Electric Monitouch V-SFT-6 Security Risks
    CISA alerts users on stack and heap overflows in Fuji Electric’s Monitouch V-SFT-6; cybersecurity measures recommended.
18. CISA publishes five advisories on Industrial Control Systems
    CISA issues five advisories on Industrial Control Systems, detailing vulnerabilities in products from Fuji Electric and Delta Electronics.
19. Delta Electronics issues CNCSoft-G2 advisory
    A vulnerability in Delta Electronics' CNCSoft-G2 could allow arbitrary code execution. Users are urged to update to 2.1.0.34.
20. Radiometrics reports VizAir vulnerabilities affecting airport operations
    CISA cautions about vulnerabilities in Radiometrics VizAir, urging users to adopt security measures following software updates.