Common Vulnerability Scoring System is a standardized framework for assigning numeric severity scores to software and hardware security vulnerabilities, enabling enterprises to compare issues consistently, prioritize remediation, automate vulnerability management workflows, and align technical findings with organizational risk and compliance practices.
November 27, 2025
A vulnerability in Opto 22's GRV-EPIC and groov RIO devices allows remote command execution with root privileges. Affected firmware versions are prior to 4.0.3. A patch is available, and CISA recommends network security measures.
November 27, 2025
A vulnerability in Siemens TIA-Portal software used in Festo Didactic products allows potential arbitrary file creation or overwriting and code execution. Users are advised to update affected software versions and apply recommended cybersecurity practices to mitigate social engineering risks.
November 27, 2025
A vulnerability affecting Festo's MSE6-C2M/D2M/E2M product family has been identified, involving hidden functions in undocumented test mode exploitable remotely by authenticated, low-privilege attackers. Mitigation includes updated documentation and network defense measures, with no public exploitation reported.
November 27, 2025
A stack-based buffer overflow in Emerson's Appleton UPSMON-PRO allows remote code execution via UDP port 2601 in versions 2.6 and earlier.
November 27, 2025
Vulnerabilities in iCam365 P201 and QC021 cameras allow unauthorized access to video streams and settings due to missing authentication.
November 27, 2025
Automated Logic's WebCTRL Premium Server vulnerabilities allow redirection and script attacks; fixed in version 9.0 with mitigation advice.