Multiple Security Advisories for Enterprise and Industrial Products (Late October–Early November 2025)
Vendors including Hitachi Energy, Schneider Electric, ABB, Ubiquiti, Dell, IBM, Red Hat, Ubuntu, and Microsoft released security advisories between October 27 and November 3, 2025, addressing vulnerabilities across a wide range of enterprise, industrial, and cloud products. Notable advisories include CISA's ICS alerts for control systems, a critical flaw in ABB's PCM600 software (CVE-2018-1002208), a critical vulnerability in Ubiquiti's UniFi Access Application (CVE-2025-52665), and updates for Microsoft Edge, Red Hat Enterprise Linux, Ubuntu LTS versions, and multiple Dell and IBM products. Organizations are urged to review the advisories, apply recommended mitigations, and update affected systems to reduce exposure to exploitation.
The advisories highlight vulnerabilities that could allow remote code execution, privilege escalation, or unauthorized access if left unpatched. The Canadian Centre for Cyber Security and CISA emphasize the importance of timely patching and mitigation, especially for products deployed in critical infrastructure and enterprise environments. Administrators should consult the official vendor advisories for detailed remediation steps and monitor for further updates as new vulnerabilities are disclosed and addressed.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Canadian Centre for Cyber Security publishes vendor security advisories
On November 3, 2025, the Canadian Centre for Cyber Security published additional security advisories for Microsoft Edge, Red Hat, Ubuntu, ABB, IBM, Dell, and Ubiquiti. The provided references do not include technical details beyond the advisory topics.
Canadian Centre for Cyber Security issues notice on CISA ICS advisories
On November 3, 2025, the Canadian Centre for Cyber Security published notice AV25-718 highlighting the recent CISA ICS advisories and urging administrators to review the guidance, apply mitigations, and install updates where available.
CISA publishes multiple ICS security advisories
Between October 27 and November 2, 2025, CISA published multiple ICS advisories covering vulnerabilities in Hitachi Energy TropOS 4th Gen Firmware, the ISO 15118-2 EV charging communications standard, Schneider Electric EcoStruxure servers, and Vertikal Systems Hospital Manager Backend Services. The advisories included recommended mitigations and updates where available.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
8 references tracked. Mallory keeps watching after this page renders.
[Control systems] CISA ICS security advisories (AV25–718)
cyber.gc.ca
Open sourceMicrosoft Edge security advisory (AV25-720)
cyber.gc.ca
Open sourceRed Hat security advisory (AV25-717)
cyber.gc.ca
Open sourceUbuntu security advisory (AV25-716)
cyber.gc.ca
Open source[Control systems] ABB security advisory (AV25-719)
cyber.gc.ca
Open sourceIBM security advisory (AV25-714)
cyber.gc.ca
Open sourceDell security advisory (AV25-715)
cyber.gc.ca
Open sourceUbiquiti security advisory (AV25-721)
cyber.gc.ca
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Multiple Security Advisories for Enterprise and Industrial Products
Several major vendors, including Dell, IBM, and CISA, have released security advisories addressing vulnerabilities in a wide range of enterprise and industrial control system products. Dell's advisories cover critical updates for products such as APEX Cloud Platform for Red Hat OpenShift, Enterprise SONiC Distribution, NetWorker, PowerSwitch models, and iDRAC controllers, urging administrators to apply patches to mitigate potential risks. IBM has similarly published advisories for multiple products, while CISA has issued alerts for vulnerabilities in industrial control systems from vendors like ABB, Advantech, Delta Electronics, Fuji Electric, IDIS, Radiometrics, Survision, and Ubia, recommending prompt mitigation and updates. In addition to these broad advisories, a critical denial-of-service vulnerability (CVE-2024-20399) was identified in Cisco's Identity Services Engine (ISE), which could allow unauthenticated attackers to crash network access control systems by exploiting the RADIUS protocol. Cisco has provided both temporary and permanent mitigation steps for affected versions. Separately, CISA added a Samsung Mobile Devices out-of-bounds write vulnerability (CVE-2025-21042) to its Known Exploited Vulnerabilities Catalog, highlighting the ongoing risk posed by actively exploited flaws and urging organizations to prioritize remediation to protect against cyber threats.
Mar 21, 2026
Multiple Vendor Security Advisories for Critical Vulnerabilities
Several major technology vendors, including Automated Logic, Emerson, Festo, ICAM365, METZ CONNECT, Opto 22, Schneider Electric, Shelly, Ubuntu, Dell, and IBM, have published security advisories addressing critical vulnerabilities in their products. The Canadian Centre for Cyber Security has highlighted these advisories, urging users and administrators to review the details and apply necessary mitigations and updates. Affected products span industrial control systems, Linux distributions, enterprise storage, backup solutions, and various hardware and software platforms, underscoring the broad impact of these vulnerabilities across sectors. The advisories cover a range of issues, from multiple vulnerabilities in industrial automation and SCADA systems to kernel-level flaws in all supported Ubuntu LTS and current releases, as well as security weaknesses in Dell's storage and recovery solutions and unspecified IBM products. Organizations are strongly encouraged to consult the official advisories for each vendor and implement recommended patches and mitigations to reduce the risk of exploitation and maintain operational security.
Mar 21, 2026
October 2025 Enterprise Software and ICS Security Advisories and Patch Releases
Major enterprise software vendors and industrial control system (ICS) security authorities released coordinated security advisories and patches between October 6 and 14, 2025, addressing critical vulnerabilities across a wide range of products. IBM published multiple security advisories for its products, urging users and administrators to review the details and apply necessary updates to mitigate potential exploitation risks. Dell issued a security advisory for its SupportAssist software for both Home and Business PCs, highlighting a vulnerability in versions prior to 4.8.2.29006 and 4.5.3.25254, respectively, and recommending immediate updates. Red Hat released advisories for vulnerabilities in the Linux kernel affecting several of its enterprise products, including Red Hat CodeReady Linux Builder, Red Hat Enterprise Linux, and Red Hat Enterprise Linux for Real Time, across multiple versions and platforms. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published ICS advisories for vulnerabilities in products from Delta Electronics, Hitachi Energy, and Rockwell Automation, with specific attention to various versions of DIAScreen, Asset Suite, and multiple Rockwell Automation network and firewall solutions, recommending mitigations and updates where available. SAP released its October 2025 monthly security rollup, which included patches for a broad set of products such as SAP NetWeaver AS Java, SAP Print Service, SAP Supplier Relationship Management, SAP Commerce Cloud, SAP Data Hub Integration Suite, SAP Application Server for ABAP, SAP S/4HANA, SAP Financial Service Claims Management, SAP BusinessObjects, and SAP Cloud Appliance Library Appliances. The SAP advisories specifically addressed vulnerabilities in NetWeaver, including unauthenticated remote code execution (RCE) risks, and provided detailed guidance for affected versions. Security researchers highlighted the criticality of the SAP NetWeaver flaw, emphasizing the unauthenticated RCE risk and the urgent need for patching to prevent potential exploitation. The coordinated release of these advisories underscores the ongoing threat landscape facing enterprise and ICS environments, where timely patching and mitigation are essential to maintaining security. Organizations are strongly encouraged to review all relevant advisories, assess their exposure, and implement recommended updates and mitigations without delay. The advisories reflect a broad spectrum of vulnerabilities, from privilege escalation and RCE to authentication bypass and information disclosure, affecting both IT and OT environments. The inclusion of ICS products in the advisories highlights the convergence of IT and OT security concerns and the need for cross-domain vigilance. The security community and government agencies continue to collaborate in disseminating timely information to help organizations defend against emerging threats. The October 2025 patch cycle demonstrates the complexity and interdependence of modern enterprise and industrial systems, where vulnerabilities in widely deployed products can have far-reaching consequences. Proactive vulnerability management, including regular review of vendor advisories and prompt application of patches, remains a cornerstone of effective cybersecurity strategy. Failure to address these advisories could leave organizations exposed to targeted attacks, ransomware, or disruption of critical business and industrial operations. The breadth of affected products and vendors in this cycle serves as a reminder of the persistent and evolving nature of cyber risk in the digital enterprise.
Mar 21, 2026