Skip to main content

Weekly Intelligence Brief on Security Alerts and Vulnerabilities - Week of September 22, 2025

September 23, 2025

Key Takeaways

  • CISA issued advisories on vulnerabilities affecting Schneider Electric, Siemens, and Hitachi Energy products.
  • New vulnerabilities in Honeywell and Delta Electronics products prompted recommendations for mitigation.
  • LangChainGo and Sunshine for Windows reported vulnerabilities necessitating immediate updates to address security risks.
  • CISA has ceased updates on Siemens Industrial Control Systems (ICS) security advisories due to various identified vulnerabilities.
  • Malware Analysis Report on Ivanti EPMM details threats and offers detection and mitigation guidance.

CISA has been active in addressing a range of vulnerabilities across multiple industrial control system (ICS) products in the past month. On September 4, five advisories were released detailing vulnerabilities in Honeywell and Delta Electronics products, among others. Organizations must adhere to the provided technical details and implement suggested mitigations in response to these vulnerabilities.

On January 10, CISA confirmed it would cease updates on security advisories for Siemens ICS products, including critical actions required in reaction to identified vulnerabilities. Stakeholders are directed to Siemens' ProductCERT for the latest information and recommendations to secure their systems.

The past month also underscored the necessity for timely updates, as evidenced by vulnerabilities reported in Sunshine for Windows and LangChainGo. Both software applications received critical updates aimed at preventing potential exploitation by attackers. Users are encouraged to upgrade to the latest software versions to enhance security posture.

Additionally, CISA released a Malware Analysis Report on Ivanti Endpoint Manager Mobile, outlining malware associated with two specific threats and recommending robust monitoring and upgrading measures for affected systems.

Organizations should regularly review the advisories issued, assess their cybersecurity strategies, and follow the outlined recommendations to strengthen their defenses against exploitation of these vulnerabilities.

  1. CISA releases five ICS advisories
    CISA issued five advisories on Sept. 4, 2025, detailing vulnerabilities in ICS from various vendors.
  2. CISA to halt updates on Siemens ICS advisories
    CISA will stop updating Siemens ICS advisories effective Jan. 10, 2023, amid critical vulnerabilities affecting SIVaaS.
  3. LangChainGo vulnerability CVE-2025-9556 identified
    An update for LangChainGo introduced a RenderTemplateFS function to mitigate template injection risks; users should upgrade now.
  4. CISA stops Siemens ICS security advisory updates
    CISA stops updating Siemens ICS security advisories as of January 10, 2023, due to new vulnerabilities found in some devices.
  5. CISA halts Siemens ICS security updates
    CISA halts updates on Siemens ICS security advisories, including a privilege management flaw in SINAMICS Drives.
  6. Sunshine for Windows vulnerabilities allow code execution
    Mitigations for Sunshine vulnerabilities include restricting PATH variables and quoting service paths in configurations.
  7. Schneider Electric's Modicon M340 vulnerability report
    CISA highlights risk from Schneider Electric's Modicon M340 due to remote access flaws; proactive measures recommended.
  8. Schneider Electric exposes EcoStruxure vulnerabilities
    EcoStruxure servers and workstations have vulnerabilities that can impact sensitive data security, according to Schneider Electric.
  9. CISA stops Siemens ICS security advisories
    CISA ends updates on Siemens ICS advisories as of January 10, 2023, addressing vulnerabilities in the User Management Component.
  10. CISA ends updates for Siemens ICS vulnerabilities
    CISA stops updating Siemens ICS security advisories as of January 10, 2023, impacting SINEC Operating System (OS) vulnerabilities.
  11. Schneider Electric reports vulnerability in Altivar products
    A Cross-Site Scripting (XSS) issue in Schneider Electric's hardware may allow unauthorized data access, affecting several product versions.
  12. Hitachi Energy reports vulnerabilities in RTU500 series
    CISA advises users on security measures following Hitachi Energy's vulnerability disclosure for RTU500 series devices.
  13. CISA ceases Siemens ICS product advisory updates
    CISA halts updates on ICS security advisories for Siemens products, revealing vulnerabilities in several devices and offering risk evaluations.
  14. Delta Electronics reports DIALink vulnerabilities
    DIALink software from Delta Electronics is affected by security vulnerabilities, prompting users to upgrade to version 1.8.0.0.
  15. CISA discontinues Siemens ICS advisory updates
    CISA will stop updating Siemens ICS security advisories from January 10, 2023, impacting several products due to identified vulnerabilities.
  16. CISA issues eight advisories on ICS
    CISA issued eight advisories on September 16, 2025, regarding vulnerabilities in ICS from various manufacturers.
  17. Daikin Security Gateway vulnerability update
    CISA reported vulnerabilities in Daikin Security Gateway, highlighting potential unauthorized system access and mitigation advice.
  18. CISA to end Siemens ICS security advisories updates
    CISA will halt updates on Siemens ICS security advisories, impacting Industrial Edge Management OS, effective Jan. 10, 2023.
  19. Siemens halts ICS security advisories after January 10, 2023
    A vulnerability in Siemens SIMOTION Tools could allow local privilege escalation, prompting recommendations for mitigation.
  20. CISA issues Malware Analysis Report on Ivanti EPMM threats
    CISA's Malware Analysis Report highlights malware linked to Ivanti Endpoint Manager Mobile, offering detection and mitigation guidance.

Related Perspectives

CISA Halts Advisories on Siemens COMOS Vulnerabilities

November 20, 2025

CISA will no longer update advisories for Siemens vulnerabilities. Two critical vulnerabilities in COMOS were identified, allowing for potential code execution and data infiltration. Siemens recommends updating to version 10.4.5 or later and provides mitigations to reduce risks of exploitation.