cvss

Microsoft’s CVE title and the CVSS Attack Vector are answering two different — but complementary — questions: the CVE headline “Remote Code Execution” signals attacker origin and impact, while the CVSS Attack Vector value AV:L (Local) documents where the vulnerable code is executed at the moment...

Microsoft’s decision to label CVE-2025-62561 as a “Microsoft Excel Remote Code Execution Vulnerability” while its published CVSS vector lists Attack Vector as Local (AV:L) is not a contradiction but a reflection of two different communication goals: the CVE title describes what an attacker can...

Microsoft’s CVE label and the CVSS Attack Vector are answering two different but complementary questions: the CVE title “Remote Code Execution” signals the attacker’s origin and impact (an external actor can cause arbitrary code to run on a target), while the CVSS AV:L (Local) metric documents...

Microsoft’s short advisory phrasing and the CVSS vector are answering two different questions: the CVE title signals the attacker’s position and the impact (an external actor can cause arbitrary code to run on a victim machine), while the CVSS Attack Vector (AV:L) records the technical location...

Microsoft’s labeling of CVE-2025-59226 as a “Remote Code Execution” issue while its CVSS Attack Vector is listed as AV:L (Local) is not an error — it’s a product of two different conventions answering two different questions: what the bug allows an attacker to accomplish, and how the attacker...

Microsoft’s CVE naming can look contradictory at a glance: a Microsoft Office entry labeled “Remote Code Execution” while its CVSS vector reads AV:L (Local). That apparent mismatch is not a mistake — it’s a product of two separate, sensible conventions colliding: one is a vendor‑level...

Hitachi Energy’s Service Suite is the subject of a high‑severity security advisory republished by vendor PSIRT and reflected in government guidance: a deserialization flaw tied to Oracle WebLogic (CVE‑2020‑2883) is implicated in the Service Suite advisory, and the combined risk profile is rated...

Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...

CISA’s latest bulletin — a compact but consequential package released on September 11, 2025 — flags eleven Industrial Control Systems (ICS) advisories affecting major automation vendors and field devices, including multiple Siemens engineering and network products, several Schneider Electric...

Microsoft has published an advisory for CVE-2025-54906, a Microsoft Office vulnerability described as a “free of memory not on the heap” condition that can lead to local remote‑code‑execution (RCE) when a user opens or previews a specially crafted Office document; Microsoft lists the...

Rockwell Automation’s FactoryTalk Analytics LogixAI has a serious configuration weakness that demands immediate attention from OT and IT teams: CISA republished an advisory assigning CVE-2025-9364 to an overly permissive Redis instance used by LogixAI, calling out exposure of sensitive system...

Rockwell Automation’s ControlLogix 5580 family has a newly republished advisory that raises the alarm for industrial operators: a remotely exploitable NULL pointer dereference in firmware version 35.013 can force a major nonrecoverable fault (MNRF) on affected controllers, producing a...

A recently republished U.S. federal advisory warns that Rockwell Automation’s FactoryTalk Activation Manager contains a cryptographic implementation flaw that can be exploited remotely to decrypt or tamper with activation and management traffic — an issue assigned CVE‑2025‑7970 and rated with a...

Google's Chromium project has logged a serious security issue — tracked as CVE-2025-9866 — describing an inappropriate implementation in Extensions that can be weaponized to bypass Content Security Policy (CSP) via a crafted HTML page; Google has issued a Chrome stable update to remediate the...

GE Vernova’s CIMPLICITY HMI/SCADA platform has been flagged in a recently circulated advisory as vulnerable to an Uncontrolled Search Path Element (CWE‑427) issue that, under the right local conditions, could allow a low‑privileged user to escalate privileges on affected hosts — the advisory...

CISA has added a critical Citrix NetScaler vulnerability — CVE-2025-7775 — to its Known Exploited Vulnerabilities (KEV) Catalog after evidence of active exploitation, prompting an urgent patch-and-verify cycle for NetScaler ADC and NetScaler Gateway operators worldwide. Background CVE-2025-7775...

CISA’s August 19 advisory batch once again put industrial control systems at the center of urgent cybersecurity attention, flagging four distinct advisories that collectively underscore persistent weaknesses in building management, identity federation, solar-edge gateways, and distributed...

A newly recorded Chromium vulnerability, tracked as CVE-2025-8881, exposes a weakness in the browser’s File Picker implementation that can be coaxed into leaking cross‑origin data when a user is tricked into specific UI gestures on a crafted page; the bug affects Google Chrome builds prior to...

Siemens ProductCERT has published SSA‑493396 — a deserialization vulnerability (CVE‑2025‑40759) that affects a broad swath of TIA‑Portal engineering components, including SIMATIC S7‑PLCSIM V17, STEP 7, and WinCC variants; Siemens assigns a CVSS v3.1 base score of 7.8 and a CVSS v4 base score of...

Siemens’ Simcenter Femap has received a fresh security spotlight: two file‑parsing vulnerabilities that allow local code execution when a user opens specially crafted STP or BMP files, and Siemens has published fixed versions while U.S. authorities have republished the advisory for awareness...