ICS Critical Vulnerabilities - 20250613002

Overview

CISA has released multiple critical advisories for Industrial Control Systems (ICS) related vendors.

What is vulnerable?

Vendor	CVE	CVSS v4/v3	Severity
Siemens	CVE-2025-40585	9.9	Critical
PTZOptics	CVE-2025-35452 CVE-2025-35451 CVE-2024-8956	9.8 9.8 9.1	Critical Critical Critical

Recommendation

The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices.

• CISA: https://www.cisa.gov/news-events/alerts/2025/06/12/cisa-releases-ten-industrial-control-systems-advisories