The U.S. Cybersecurity and Infrastructure Safety Company (CISA) has issued seven Industrial Management Methods (ICS) advisories, highlighting crucial vulnerabilities in programs important to industrial and operational processes.
These advisories intention to boost consciousness and encourage mitigation methods to take care of the safety and integrity of ICS environments. Under, we delve into the small print of every advisory and its related vulnerabilities.
CISA Releases Seven ICS Advisories
1. B&R Automation Runtime (ICSA-25-028-01)
- CVE: CVE-2024-8603
- Vulnerability: Use of a Damaged or Dangerous Cryptographic Algorithm
Distant exploitation of this vulnerability may permit attackers to impersonate respectable companies on impacted units.
The vulnerability outcomes from using unsafe cryptographic algorithms within the SSL/TLS element. If exploited, attackers may probably intercept or manipulate communications between units.
2. Schneider Electrical Energy Logic (ICSA-25-028-02)
- CVEs: CVE-2024-10497, CVE-2024-10498
- Vulnerabilities: Authorization Bypass Via Consumer-Managed Key, Improper Restriction of Operations inside the Bounds of a Reminiscence Buffer
Exploitation of those vulnerabilities may result in unauthorized knowledge modifications or denial of service (DoS) affecting system internet interfaces.
The flawed implementation of user-controlled keys (CVE-2024-10497) may permit attackers to govern configurations outdoors outlined privileges.
Moreover, reminiscence buffer points (CVE-2024-10498) allow attackers to ship malformed requests, probably inflicting system malfunctions.
3. Rockwell Automation FactoryTalk (ICSA-25-028-03)
- CVEs: CVE-2025-24479, CVE-2025-24480
- Vulnerabilities: Incorrect Authorization, OS Command Injection
Attackers exploiting these flaws may execute instructions with elevated privileges, severely impacting system integrity.
Improper authorization configurations (CVE-2025-24479) and failure to sanitize inputs (CVE-2025-24480) permit attackers to inject malicious OS instructions, resulting in code execution and system compromise.
4. Rockwell Automation FactoryTalk View Website Version (ICSA-25-028-04)
- CVEs: CVE-2025-24481, CVE-2025-24482
- Vulnerabilities: Incorrect Permission Task for Crucial Sources, Code Injection
Exploitation may end in unauthorized entry to configuration information and the execution of malicious code.
Unauthorized permissions (CVE-2025-24481) and vulnerabilities enabling DLL injection (CVE-2025-24482) pose important dangers to system configuration and safety.
5. Rockwell Automation DataMosaix Personal Cloud (ICSA-25-028-05)
- CVEs: CVE-2020-11656, CVE-2024-11932
- Vulnerabilities: Publicity of Delicate Data, Third-Celebration Dependency Points
Delicate knowledge publicity and vulnerabilities in third-party elements may permit attackers to overwrite information and execute malicious actions.
A path traversal vulnerability (CVE-2024-11932) and outdated SQLite implementation (CVE-2020-11656) create alternatives for attackers to compromise experiences and consumer initiatives.
6. Schneider Electrical RemoteConnect and SCADAPack x70 Utilities (ICSA-25-028-06)
- CVE: CVE-2024-12703
- Vulnerability: Deserialization of Untrusted Information
Malicious venture information opened by customers may compromise system confidentiality, integrity, and even result in distant code execution.
Improper deserialization processes permit attackers to embed malicious code in venture information, compromising workstation safety.
7. BD Diagnostic Options Merchandise (ICSMA-24-352-01)
- CVE: CVE-2024-10476
- Vulnerability: Use of Default Credentials
Default credentials utilized in BD merchandise may permit unauthorized entry, modification, or deletion of delicate knowledge, probably shutting down programs.
Default credentials (CWE-1392) pose a major danger, enabling attackers to infiltrate programs and entry protected well being and personally identifiable data (PHI/PII).
CISA’s launch of those advisories underscores the pressing want for industrial organizations to handle vulnerabilities in ICS environments.
Organizations are inspired to observe CISA’s mitigation suggestions, together with implementing patches, implementing safe configurations, and recurrently updating software program.
By proactively addressing these vulnerabilities, organizations can bolster their cybersecurity posture and shield crucial infrastructure from malicious threats.
Accumulate Risk Intelligence with TI Lookup to enhance your organization’s safety - Get 50 Free Request